Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into dt-blobs

Author: KingdomOfEnds

.openpublishing.redirection.json

@@ -140,6 +140,11 @@
       "redirect_url": "https://docs.microsoft.com/azure/architecture/topics/high-performance-computing/",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/virtual-machines/workloads/oracle/oracle-considerations.md",
+      "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview/",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/machine-learning/studio/consume-web-service-with-web-app-template.md",
       "redirect_url": "/azure/machine-learning/studio/consume-web-services",
@@ -26809,6 +26814,86 @@
       "redirect_url": "/azure/marketplace/cloud-partner-portal/test-drive/what-is-test-drive",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-channel-info-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-contacts-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-create-offer.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-offer-settings-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-plans-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-prerequisites.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/offer-creation-checklist",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-publish-offer.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-saas-subscription-apis.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-storefront-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-technical-info-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-testdrive-tab.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-update-existing-offer.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/create-new-saas-offer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-saas-fulfillment-api-v1.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/pc-saas-fulfillment-api-v1",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-saas-fulfillment-api-v2.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/pc-saas-fulfillment-api-v2",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-saas-fulfillment-apis.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/pc-saas-fulfillment-apis",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/marketplace/cloud-partner-portal/saas-app/cpp-saas-registration.md",
+      "redirect_url": "/azure/marketplace/partner-center-portal/pc-saas-registration",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/marketplace/grow-your-business-azure-marketplace.md",
       "redirect_url": "/azure/marketplace/grow-your-business-with-azure-marketplace",

articles/active-directory/authentication/howto-password-ban-bad-configure.md

@@ -21,7 +21,7 @@ Many organizations find their users create passwords using common local words su
 
 ## Add to the custom list
 
-Configuring the custom banned password list requires an Azure Active Directory Premium P1 or P2 license. For more detailed information about Azure Active Directory licensing, see the [Azure Active Directory pricing page](https://azure.microsoft.com/pricing/details/active-directory/).|
+Configuring the custom banned password list requires an Azure Active Directory Premium P1 or P2 license. For more detailed information about Azure Active Directory licensing, see the [Azure Active Directory pricing page](https://azure.microsoft.com/pricing/details/active-directory/).
 
 1. Sign in to the [Azure portal](https://portal.azure.com) and browse to **Azure Active Directory**, **Authentication methods**, then **Password protection**.
 1. Set the option **Enforce custom list**, to **Yes**.

articles/active-directory/develop/about-microsoft-identity-platform.md

@@ -55,7 +55,7 @@ The **application API in Microsoft Graph** is currently in preview. Use this API
 
 ### MSAL libraries
 
-You can use the MSAL library to build applications that authenticate all Microsoft identities. The MSAL libraries in .NET are generally available. MSAL libraries for JavaScript, iOS, and Android are in preview and suitable for use in a production environment. We provide the same production level support for MSAL libraries in preview as we do for versions of MSAL and ADAL that are generally available.
+You can use the MSAL library to build applications that authenticate all Microsoft identities. The MSAL libraries in .NET and JavaScript are generally available. MSAL libraries for iOS and Android are in preview and suitable for use in a production environment. We provide the same production level support for MSAL libraries in preview as we do for versions of MSAL and ADAL that are generally available.
 
 You can also use the MSAL libraries to integrate your application with Azure AD B2C.
 

articles/active-directory/governance/access-reviews-overview.md

@@ -12,7 +12,7 @@ ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: conceptual
 ms.subservice: compliance
-ms.date: 05/31/2019
+ms.date: 06/05/2019
 ms.author: rolyon
 ms.reviewer: mwahl
 ms.collection: M365-identity-device-management
@@ -53,8 +53,8 @@ Depending on what you want to review, you will create your access review in Azur
 | --- | --- | --- | --- |
 | Security group members</br>Office group members | Specified reviewers</br>Group owners</br>Self-review | Azure AD access reviews</br>Azure AD groups | Access panel |
 | Assigned to a connected app | Specified reviewers</br>Self-review | Azure AD access reviews</br>Azure AD enterprise apps (in preview) | Access panel |
-| Azure AD role | Specified reviewers</br>Self-review | Azure AD PIM | Azure portal |
-| Azure resource role | Specified reviewers</br>Self-review | Azure AD PIM | Azure portal |
+| Azure AD role | Specified reviewers</br>Self-review | [Azure AD PIM](../privileged-identity-management/pim-how-to-start-security-review.md?toc=%2fazure%2factive-directory%2fgovernance%2ftoc.json) | Azure portal |
+| Azure resource role | Specified reviewers</br>Self-review | [Azure AD PIM](../privileged-identity-management/pim-resource-roles-start-access-review.md?toc=%2fazure%2factive-directory%2fgovernance%2ftoc.json) | Azure portal |
 
 ## Which users must have licenses?
 
@@ -88,26 +88,6 @@ If you are ready to deploy access reviews in your organization, follow these ste
 
 >[!VIDEO https://www.youtube.com/embed/X1SL2uubx9M]
 
-## Onboard access reviews
-
-To onboard access reviews, follow these steps.
-
-1. As a Global administrator or User administrator, sign in to the [Azure portal](https://portal.azure.com) where you want to use access reviews.
-
-1. In the left navigation, click **Azure Active Directory**.
-
-1. In the left menu, click **Identity Governance**.
-
-1. Click **Access reviews**.
-
-    ![Access reviews start page](./media/access-reviews-overview/access-reviews-start.png)
-
-1. On the page, click the **Onboard now** button.
-
-    ![Access reviews onboard](./media/access-reviews-overview/onboard-button.png)
-
-1. Follow the instructions to onboard access reviews in the current directory.
-
 ## License requirements
 
 [!INCLUDE [Azure AD Premium P2 license](../../../includes/active-directory-p2-license.md)]

articles/active-directory/governance/create-access-review.md

@@ -26,7 +26,6 @@ This article describes how to create one or more access reviews for group member
 ## Prerequisites
 
 - Azure AD Premium P2
-- [Access reviews onboarded](access-reviews-overview.md)
 - Global administrator or User administrator
 
 For more information, see [Which users must have licenses?](access-reviews-overview.md#which-users-must-have-licenses).

articles/active-directory/governance/media/access-reviews-overview/access-reviews-start.png

@@ -64,7 +64,7 @@ After a single sign-on to Azure AD, users can access both cloud and on-premises
 
 Identity governance helps organizations achieve a balance between *productivity* --- how quickly can a person have access to the resources they need, such as when they join the organization? --- and *security* --- how should their access change over time, such as when that person's employment status changes? Identity lifecycle management is the foundation for identity governance, and effective governance at scale requires modernizing the identity lifecycle management infrastructure for applications.
 
-For many organizations, identity lifecycle for employees is tied to the representation of that user in a human capital management (HCM) system. For organizations using Workday as their HCM system, Azure AD can ensure user accounts in AD are [automatically provisioned and deprovisioned for workers in Workday](https://docs.microsoft.com/azure/active-directory/saas-apps/workday-inbound-tutorial). Doing so leads to improved user productivity through automation of birthright accounts and manages risk by ensuring application access is automatically updated when a user changes roles or leaves the organization. The Workday-driven user provisioning deployment plan (<https://aka.ms/WorkdayDeploymentPlan>) is a step-by-step guide that walks organizations through the best practices implementation of Workday to Active Directory User Provisioning solution in a five-step process.
+For many organizations, identity lifecycle for employees is tied to the representation of that user in a human capital management (HCM) system. For organizations using Workday as their HCM system, Azure AD can ensure user accounts in AD are [automatically provisioned and deprovisioned for workers in Workday](https://docs.microsoft.com/azure/active-directory/saas-apps/workday-inbound-tutorial). Doing so leads to improved user productivity through automation of birthright accounts and manages risk by ensuring application access is automatically updated when a user changes roles or leaves the organization. The Workday-driven user provisioning [deployment plan](https://aka.ms/WorkdayDeploymentPlan) is a step-by-step guide that walks organizations through the best practices implementation of Workday to Active Directory User Provisioning solution in a five-step process.
 
 Azure AD Premium also includes Microsoft Identity Manager, which can import records from other on-premises HCM systems, including SAP, Oracle eBusiness, and Oracle PeopleSoft.
 
@@ -73,7 +73,7 @@ Business-to-business collaboration increasingly requires granting access to peop
 Azure AD can [automatically create accounts in AD for guest users](https://docs.microsoft.com/azure/active-directory/b2b/hybrid-cloud-to-on-premises) as needed, enabling business guests to access on-premises AD-integrated applications without needing another password. Organizations can set up [multi-factor authentication (MFA) policies for guest user](https://docs.microsoft.com/azure/active-directory/b2b/conditional-access)s so MFA checks are done during application proxy authentication. Also, any [access reviews](https://docs.microsoft.com/azure/active-directory/governance/manage-guest-access-with-access-reviews) that are done on cloud B2B users apply to on-premises users. For example, if the cloud user is deleted through lifecycle management policies, the on-premises user is also deleted.
 
 **Credential management for Active Directory accounts**
-Azure AD's self-service password reset allows users who have forgotten their passwords to be reauthenticated and reset their passwords, with the changed passwords [written to on-premises Active Directory](https://docs.microsoft.com/azure/active-directory/authentication/concept-sspr-writeback). The password reset process can also use the on-premises Active Directory password policies: When a user resets their password, it's checked to ensure it meets the on-premises Active Directory policy before committing it to that directory. The self-service password reset deployment plan at <https://aka.ms/deploymentplans/sspr> outlines best practices to roll out self-service password reset to users via web and Windows-integrated experiences.
+Azure AD's self-service password reset allows users who have forgotten their passwords to be reauthenticated and reset their passwords, with the changed passwords [written to on-premises Active Directory](https://docs.microsoft.com/azure/active-directory/authentication/concept-sspr-writeback). The password reset process can also use the on-premises Active Directory password policies: When a user resets their password, it's checked to ensure it meets the on-premises Active Directory policy before committing it to that directory. The self-service password reset [deployment plan](https://aka.ms/deploymentplans/sspr) outlines best practices to roll out self-service password reset to users via web and Windows-integrated experiences.
 
 ![Azure AD SSPR architecture](media/cloud-governed-management-for-on-premises/image3.png)
 
@@ -83,13 +83,13 @@ When an organization is ready to move an AD-integrated application to the cloud
 
 ![Azure AD Domain Services](media/cloud-governed-management-for-on-premises/image4.png)
 
-## [Cloud governed management for on-premises federation-based applications]{.underline}
+## Cloud governed management for on-premises federation-based applications
 
 For an organization that already uses an on-premises identity provider, moving applications to Azure AD enables more secure access and an easier administrative experience for federation management. Azure AD enables configuring granular per-application access controls, including Azure Multi-Factor Authentication, by using Azure AD conditional access. Azure AD supports more capabilities, including application-specific token signing certificates and configurable certificate expiration dates. These capabilities, tools, and guidance enable organizations to retire their on-premises identity providers. Microsoft's own IT, for one example, has moved 17,987 applications from Microsoft's internal Active Directory Federation Services (AD FS) to Azure AD.
 
 ![Azure AD evolution](media/cloud-governed-management-for-on-premises/image5.png)
 
-To begin migrating federated applications to Azure AD as the identity provider, refer to,  that, includes links to:
+To begin migrating federated applications to Azure AD as the identity provider, refer to https://aka.ms/migrateapps that includes links to:
 
 * The white paper [Migrating Your Applications to Azure Active Directory](https://aka.ms/migrateapps/whitepaper), which presents the benefits of migration and describes how to plan for migration in four clearly-outlined phases: discovery, classification, migration, and ongoing management. You'll be guided through how to think about the process and break down your project into easy-to-consume pieces. Throughout the document are links to important resources that will help you along the way.
 
@@ -107,7 +107,7 @@ Organizations can automate the access lifecycle process through technologies suc
 
 ## Future directions
 
-In hybrid environments, Microsoft's strategy is to enable deployments where the cloud is the control plane for identity**,** and on-premises directories and other identity systems, such as Active Directory and other on-premises applications, are the target for provisioning users with access. This strategy will continue to ensure the rights, identities, and access in those applications and workloads that rely upon them. At this end state, organizations will be able to drive end-user productivity entirely from the cloud.
+In hybrid environments, Microsoft's strategy is to enable deployments where the **cloud is the control plane for identity**, and on-premises directories and other identity systems, such as Active Directory and other on-premises applications, are the target for provisioning users with access. This strategy will continue to ensure the rights, identities, and access in those applications and workloads that rely upon them. At this end state, organizations will be able to drive end-user productivity entirely from the cloud.
 
 ![Azure AD architecture](media/cloud-governed-management-for-on-premises/image6.png)
 

articles/active-directory/governance/media/access-reviews-overview/onboard-button.png

@@ -68,7 +68,7 @@ Next time the user signs in to the application, Azure AD send the new attribute
 
 The sign-in to the application is failing because the SAML response is missing attributes such as roles or because the application is expecting a different format or value for the EntityID attribute.
 
-If you're using [Azure AD automated user provisioning](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/user-provisioning) to create, maintain, and remove users in the application. Then, verify that the user has been successfully provisioned to the SaaS application. For more information, see [No users are being provisioned to an Azure AD Gallery application](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-provisioning-config-problem-no-users-provisioned)
+If you're using [Azure AD automated user provisioning](https://docs.microsoft.com/azure/active-directory/manage-apps/user-provisioning) to create, maintain, and remove users in the application. Then, verify that the user has been successfully provisioned to the SaaS application. For more information, see [No users are being provisioned to an Azure AD Gallery application](https://docs.microsoft.com/azure/active-directory/manage-apps/application-provisioning-config-problem-no-users-provisioned)
 
 ## Add an attribute in the Azure AD application configuration: