Merge remote-tracking branch 'refs/remotes/MicrosoftDocs/master' into nitinme-seo-okr-updates

nitinme · nitinme · commit 8acba2aff279 · 2019-12-27T12:09:35.000-08:00
diff --git a/articles/active-directory/develop/active-directory-claims-mapping.md b/articles/active-directory/develop/active-directory-claims-mapping.md
@@ -411,7 +411,13 @@ Based on the method chosen, a set of inputs and outputs is expected. Define the
 
 ### Custom signing key
 
-A custom signing key must be assigned to the service principal object for a claims mapping policy to take effect. This ensures acknowledgment that tokens have been modified by the creator of the claims mapping policy and protects applications from claims mapping policies created by malicious actors.  Apps that have claims mapping enabled must check a special URI for their token signing keys by appending `appid={client_id}` to their [OpenID Connect metadata requests](v2-protocols-oidc.md#fetch-the-openid-connect-metadata-document).  
+A custom signing key must be assigned to the service principal object for a claims mapping policy to take effect. This ensures acknowledgment that tokens have been modified by the creator of the claims mapping policy and protects applications from claims mapping policies created by malicious actors. In order to add a custom signing key, you can use the Azure Powershell cmdlet `new-azureadapplicationkeycredential` to create a symmetric key credential for your Application object. For more information on this Azure Powershell cmdlet click [here](https://docs.microsoft.com/powershell/module/Azuread/New-AzureADApplicationKeyCredential?view=azureadps-2.0).
+
+Apps that have claims mapping enabled must validate their token signing keys by appending `appid={client_id}` to their [OpenID Connect metadata requests](v2-protocols-oidc.md#fetch-the-openid-connect-metadata-document). Below is the format of the OpenID Connect metadata document you should use: 
+
+```
+https://login.microsoftonline.com/{tenant}/v2.0/.well-known/openid-configuration?appid={client-id}
+```
 
 ### Cross-tenant scenarios
 
@@ -516,4 +522,4 @@ In this example, you create a policy that emits a custom claim “JoinedData”
 
 ## See also
 
-To learn how to customize claims issued in the SAML token through the Azure portal, see [How to: Customize claims issued in the SAML token for enterprise applications](active-directory-saml-claims-customization.md)
+To learn how to customize claims issued in the SAML token through the Azure portal, see [How to: Customize claims issued in the SAML token for enterprise applications](active-directory-saml-claims-customization.md)
diff --git a/articles/iot-pnp/concepts-common-interfaces.md b/articles/iot-pnp/concepts-common-interfaces.md
@@ -3,7 +3,7 @@ title: Common interfaces - IoT Plug and Play Preview | Microsoft Docs
 description: Description of common interfaces for IoT Plug and Play developers
 author: ChrisGMsft
 ms.author: chrisgre
-ms.date: 09/08/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/concepts-developer-guide.md b/articles/iot-pnp/concepts-developer-guide.md
@@ -3,7 +3,7 @@ title: Developer guide - IoT Plug and Play Preview | Microsoft Docs
 description: Description of device modeling for IoT Plug and Play developers
 author: dominicbetts
 ms.author: dobett
-ms.date: 07/05/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/concepts-limits-quotas.md b/articles/iot-pnp/concepts-limits-quotas.md
@@ -3,7 +3,7 @@ title: Limits and quotas IoT Plug and Play Preview | Microsoft Docs
 description: Understand the limits, quotas, and throttling that apply when you use IoT Plug and Play Preview.
 author: miagdp
 ms.author: miag
-ms.date: 08/01/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/concepts-model-discovery.md b/articles/iot-pnp/concepts-model-discovery.md
@@ -3,7 +3,7 @@ title: Implement IoT Plug and Play Preview model discovery | Microsoft Docs
 description: As a solution developer, learn about how you can implement IoT Plug and Play model discovery in your solution.
 author: ChrisGMsft
 ms.author: chrisgre
-ms.date: 07/17/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.custom: mvc
 ms.service: iot-pnp
diff --git a/articles/iot-pnp/howto-develop-solution.md b/articles/iot-pnp/howto-develop-solution.md
@@ -3,7 +3,7 @@ title: Interact with an IoT Plug and Play Preview device from an Azure IoT solut
 description: As a solution developer, learn about how to use the service SDK to interact with IoT Plug and Play devices.
 author: Philmea
 ms.author: philmea
-ms.date: 07/24/2019
+ms.date: 12/26/2019
 ms.topic: tutorial
 ms.custom: mvc
 ms.service: iot-pnp
diff --git a/articles/iot-pnp/howto-develop-with-vs-vscode.md b/articles/iot-pnp/howto-develop-with-vs-vscode.md
@@ -3,7 +3,7 @@ title: Use Visual Studio and Visual Studio Code to build IoT Plug and Play Previ
 description: Use Visual Studio and Visual Studio Code to accelerate authoring IoT Plug and Play device models and implementing the device code.
 author: liydu
 ms.author: liydu
-ms.date: 10/29/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/howto-generate-sas-token.md b/articles/iot-pnp/howto-generate-sas-token.md
@@ -3,7 +3,7 @@ title: Generate security token to access IoT Plug and Play Preview repository |
 description: Generate a shared access signature token to use when you access an IoT Plug and Play Preview model repository programmatically.
 author: Philmea
 ms.author: philmea
-ms.date: 08/06/2019
+ms.date: 12/27/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/howto-install-iot-explorer.md b/articles/iot-pnp/howto-install-iot-explorer.md
@@ -3,7 +3,7 @@ title: Install and use Azure IoT explorer | Microsoft Docs
 description: Install the Azure IoT explorer tool and use it to interact with the IoT Plug and Play Preview devices connected to my IoT hub.
 author: miagdp
 ms.author: miag
-ms.date: 07/02/2019
+ms.date: 12/27/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/iot-pnp/howto-install-pnp-cli.md b/articles/iot-pnp/howto-install-pnp-cli.md
@@ -3,7 +3,7 @@ title: Use the Azure IoT extension for Azure CLI to interact with IoT Plug and P
 description: Install the Azure IoT extension for Azure CLI and use it to interact with the IoT Plug and Play devices connected to my IoT hub.
 author: ChrisGMsft
 ms.author: chrisgre
-ms.date: 09/08/2019
+ms.date: 12/26/2019
 ms.topic: conceptual
 ms.service: iot-pnp
 services: iot-pnp
diff --git a/articles/spring-cloud/spring-cloud-concept-metrics.md b/articles/spring-cloud/spring-cloud-concept-metrics.md
@@ -79,31 +79,31 @@ YOu can also use the **Apply splitting** option, which will draw multiple lines
 ## User portal metrics options
 
 The following table shows the available metrics and details.
-
-| Name | Display Name | Spring Actuator Metric Name | Unit | Details |
-|:-----|:-----|:-----|:-----|:-----|
-| SystemCpuUsagePercentage | System CPU Usage Percentage | system.cpu.usage | Percent | Recent CPU usage for the whole system. This value is a double in the [0.0,1.0] interval. A value of 0.0 means that all CPUs were idle during the recent period of time observed, while a value of 1.0 means that all CPUs were actively running 100% of the time during the recent period being observed. All values between 0.0 and 1.0 are possible depending on the activities going on in the system. If the system recent cpu usage is not available, the method returns a negative value. |
-| AppCpuUsagePercentage | App CPU Usage Percentage | App CPU Usage Percentage | Percent | Recent CPU usage for the Java Virtual Machine process. This value is a double in the [0.0,1.0] interval. A value of 0.0 means that none of the CPUs were running threads from the JVM process during the recent period of time observed, while a value of 1.0 means that all CPUs were actively running threads from the JVM 100% of the time during the recent period being observed. Threads from the JVM include the application threads as well as the JVM internal threads. All values between 0.0 and 1.0 are possible depending on the activities going on in the JVM process and the whole system. If the Java Virtual Machine recent CPU usage is not available, the method returns a negative value. |
-| AppMemoryCommitted | App Memory Assigned | jvm.memory.committed | Bytes | Represents the amount of memory (in bytes) that is guaranteed to be available for use by the Java virtual machine. The amount of committed memory may change over time (increase or decrease). The Java virtual machine may release memory to the system and committed could be less than init. committed will always be greater than or equal to used. |
-| AppMemoryUsed | App Memory Used | jvm.memory.used | Bytes | Represents the amount of memory currently used in bytes. |
-| AppMemoryMax | App Memory Max | jvm.memory.max | Bytes | Represents the maximum amount of memory (in bytes) that can be used for memory management. Its value may be undefined. The maximum amount of memory may change over time if defined. The amount of used and committed memory will always be less than or equal to max if max is defined. A memory allocation may fail if it attempts to increase the used memory such that used > committed even if used <= max would still be true (for example, when the system is low on virtual memory). |
-| MaxOldGenMemoryPoolBytes | Max Available Old Generation Data Size | jvm.gc.max.data.size | Bytes | The peak memory usage of the old generation memory pool since the Java virtual machine was started. |
-| OldGenMemoryPoolBytes | Old Generation Data Size | jvm.gc.live.data.size | Bytes | Size of old generation memory pool after a full GC. |
-| OldGenPromotedBytes | Promote to Old Generation Data Size | jvm.gc.memory.promoted | Bytes | Count of positive increases in the size of the old generation memory pool before GC to after GC. |
-| YoungGenPromotedBytes | Promote to Young Generation Data Size | jvm.gc.memory.allocated | Bytes | Incremented for an increase in the size of the young generation memory pool after one GC to before the next. |
-| GCPauseTotalCount | GC Pause Count | jvm.gc.pause (total-count) | Count | Total GC count after this JMV started, including Young and Old GC. |
-| GCPauseTotalTime | GC Pause Total Time | jvm.gc.pause (total-time) | Milliseconds | Total GC time consumed after this JMV started, including Young and Old GC. |
-| TomcatSentBytes | Tomcat Total Sent Bytes | tomcat.global.sent | Bytes | Amount of data Tomcat web server sent, in bytes |
-| TomcatReceivedBytes | Tomcat Total Received Bytes | tomcat.global.received | Bytes | Amount of data Tomcat web server received, in bytes |
-| TomcatRequestTotalTime | Tomcat Request Total Time | tomcat.global.request (total-time) | Milliseconds | Total time of Tomcat web server to process the requests. |
-| TomcatRequestTotalCount | Tomcat Request Total Count | tomcat.global.request (total-count) | Count | Total count of Tomcat web server processed requests |
-| TomcatRequestMaxTime | Tomcat Request Max Time | tomcat.global.request.max | Milliseconds | Maximum time of Tomcat web server to process a request |
-| TomcatErrorCount | Tomcat Global Error | tomcat.global.error | Count | Number of errors occurs of processed requests |
-| TomcatSessionActiveMaxCount | Tomcat Session Max Active Count | tomcat.sessions.active.max | Count | Maximum number of sessions that have been active at the same time |
-| TomcatSessionAliveMaxTime | Tomcat Session Max Alive Time | tomcat.sessions.alive.max | Milliseconds | Longest time (in seconds) that an expired session had been alive |
-| TomcatSessionCreatedCount | Tomcat Session Created Count | tomcat.sessions.created | Count | Number of sessions that have been created |
-| TomcatSessionExpiredCount | Tomcat Session Expired Count | tomcat.sessions.expired | Count | Number of sessions that have expired |
-| TomcatSessionRejectedCount | Tomcat Session Rejected Count | tomcat.sessions.rejected | Count | Number of sessions that were not created because the maximum number of active sessions reached. |
+>[!div class="mx-tdBreakAll"]
+>| Name | Display Name | Spring Actuator Metric Name | Unit | Details |
+>|----|----|----|----|------------|
+>| SystemCpuUsagePercentage | System CPU Usage Percentage | system.cpu.usage | Percent | Recent CPU usage for the whole system. This value is a double in the [0.0,1.0] interval. A value of 0.0 means that all CPUs were idle during the recent period of time observed, while a value of 1.0 means that all CPUs were actively running 100% of the time during the recent period being observed. All values between 0.0 and 1.0 are possible depending on the activities going on in the system. If the system recent cpu usage is not available, the method returns a negative value. |
+>| AppCpuUsagePercentage | App CPU Usage Percentage | App CPU Usage Percentage | Percent | Recent CPU usage for the Java Virtual Machine process. This value is a double in the [0.0,1.0] interval. A value of 0.0 means that none of the CPUs were running threads from the JVM process during the recent period of time observed, while a value of 1.0 means that all CPUs were actively running threads from the JVM 100% of the time during the recent period being observed. Threads from the JVM include the application threads as well as the JVM internal threads. All values between 0.0 and 1.0 are possible depending on the activities going on in the JVM process and the whole system. If the Java Virtual Machine recent CPU usage is not available, the method returns a negative value. |
+>| AppMemoryCommitted | App Memory Assigned | jvm.memory.committed | Bytes | Represents the amount of memory (in bytes) that is guaranteed to be available for use by the Java virtual machine. The amount of committed memory may change over time (increase or decrease). The Java virtual machine may release memory to the system and committed could be less than init. committed will always be greater than or equal to used. |
+>| AppMemoryUsed | App Memory Used | jvm.memory.used | Bytes | Represents the amount of memory currently used in bytes. |
+>| AppMemoryMax | App Memory Max | jvm.memory.max | Bytes | Represents the maximum amount of memory (in bytes) that can be used for memory management. Its value may be undefined. The maximum amount of memory may change over time if defined. The amount of used and committed memory will always be less than or equal to max if max is defined. A memory allocation may fail if it attempts to increase the used memory such that used > committed even if used <= max would still be true (for example, when the system is low on virtual memory). |
+>| MaxOldGenMemoryPoolBytes | Max Available Old Generation Data Size | jvm.gc.max.data.size | Bytes | The peak memory usage of the old generation memory pool since the Java virtual machine was started. |
+>| OldGenMemoryPoolBytes | Old Generation Data Size | jvm.gc.live.data.size | Bytes | Size of old generation memory pool after a full GC. |
+>| OldGenPromotedBytes | Promote to Old Generation Data Size | jvm.gc.memory.promoted | Bytes | Count of positive increases in the size of the old generation memory pool before GC to after GC. |
+>| YoungGenPromotedBytes | Promote to Young Generation Data Size | jvm.gc.memory.allocated | Bytes | Incremented for an increase in the size of the young generation memory pool after one GC to before the next. |
+>| GCPauseTotalCount | GC Pause Count | jvm.gc.pause (total-count) | Count | Total GC count after this JMV started, including Young and Old GC. |
+>| GCPauseTotalTime | GC Pause Total Time | jvm.gc.pause (total-time) | Milliseconds | Total GC time consumed after this JMV started, including Young and Old GC. |
+>| TomcatSentBytes | Tomcat Total Sent Bytes | tomcat.global.sent | Bytes | Amount of data Tomcat web server sent, in bytes |
+>| TomcatReceivedBytes | Tomcat Total Received Bytes | tomcat.global.received | Bytes | Amount of data Tomcat web server received, in bytes |
+>| TomcatRequestTotalTime | Tomcat Request Total Time | tomcat.global.request (total-time) | Milliseconds | Total time of Tomcat web server to process the requests. |
+>| TomcatRequestTotalCount | Tomcat Request Total Count | tomcat.global.request (total-count) | Count | Total count of Tomcat web server processed requests |
+>| TomcatRequestMaxTime | Tomcat Request Max Time | tomcat.global.request.max | Milliseconds | Maximum time of Tomcat web server to process a request |
+>| TomcatErrorCount | Tomcat Global Error | tomcat.global.error | Count | Number of errors occurs of processed requests |
+>| TomcatSessionActiveMaxCount | Tomcat Session Max Active Count | tomcat.sessions.active.max | Count | Maximum number of sessions that have been active at the same time |
+>| TomcatSessionAliveMaxTime | Tomcat Session Max Alive Time | tomcat.sessions.alive.max | Milliseconds | Longest time (in seconds) that an expired session had been alive |
+>| TomcatSessionCreatedCount | Tomcat Session Created Count | tomcat.sessions.created | Count | Number of sessions that have been created |
+>| TomcatSessionExpiredCount | Tomcat Session Expired Count | tomcat.sessions.expired | Count | Number of sessions that have expired |
+>| TomcatSessionRejectedCount | Tomcat Session Rejected Count | tomcat.sessions.rejected | Count | Number of sessions that were not created because the maximum number of active sessions reached. |
 
 ## See also
 * [Getting started with Azure Metrics Explorer](https://docs.microsoft.com/azure/azure-monitor/platform/metrics-getting-started)
diff --git a/articles/virtual-wan/openvpn-azure-ad-tenant.md b/articles/virtual-wan/openvpn-azure-ad-tenant.md
@@ -6,7 +6,7 @@ author: anzaman
 
 ms.service: vpn-gateway
 ms.topic: conceptual
-ms.date: 11/13/2019
+ms.date: 12/27/2019
 ms.author: alzam
 
 ---
@@ -86,31 +86,8 @@ Use the steps in [this article](../active-directory/fundamentals/add-users-azure
 
     ![Azure VPN](./media/openvpn-create-azure-ad-tenant/azurevpn.png)
 
-8. Enable Azure AD authentication on the VPN gateway by running the following commands, being sure to modify the command to reflect your own environment:
-
-    ```azurepowershell-interactive
-    $gw = Get-AzVirtualNetworkGateway -Name <name of VPN gateway> -ResourceGroupName <Resource group>
-    Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw -VpnClientRootCertificates @()
-    Set-AzVirtualNetworkGateway -VirtualNetworkGateway $gw -AadTenantUri "https://login.microsoftonline.com/<your Directory ID>" -AadAudienceId "41b23e61-6c1e-4545-b367-cd054e0ed4b4" -AadIssuerUri "https://sts.windows.net/<your Directory ID>/"
-    ```
-
-9. Create and download the profile by running the following commands. Change the -ResourcGroupName and -Name values to match your own.
-
-    ```azurepowershell-interactive
-    $profile = New-AzVpnClientConfiguration -Name <name of VPN gateway> -ResourceGroupName <Resource group> -AuthenticationMethod "EapTls"
-    $PROFILE.VpnProfileSASUrl
-    ```
-
-10. After running the commands, you see a result similar to the one below. Copy the result URL to your browser to download the profile zip file.
-
-    ![Azure VPN](./media/openvpn-create-azure-ad-tenant/profile.png)
-
-11. Extract the downloaded zip file.
-
-12. Browse to the unzipped “AzureVPN” folder.
-
-13. Make a note of the location of the “azurevpnconfig.xml” file. The azurevpnconfig.xml contains the setting for the VPN connection and can be imported directly into the Azure VPN Client application. You can also distribute this file to all the users that need to connect via e-mail or other means. The user will need valid Azure AD credentials to connect successfully.
+8. Configure Azure AD authentication for User VPN and assign it to a Virtual Hub by following the steps in [Configure Azure AD authentication for Point-to-Site connection to Azure](virtual-wan-point-to-site-azure-ad.md)
 
 ## Next steps
 
-In order to connect to your virtual network, you must create and configure a VPN client profile. See [Configure Azure AD authentication for Point-to-Site connection to Azure](virtual-wan-point-to-site-azure-ad.md).
+In order to connect to your virtual network, you must create and configure a VPN client profile and associate it to a Virtual Hub. See [Configure Azure AD authentication for Point-to-Site connection to Azure](virtual-wan-point-to-site-azure-ad.md).
