Merge pull request #192542 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/azure-docs (branch main)

Author: huypub

articles/active-directory-b2c/deploy-custom-policies-devops.md

@@ -92,7 +92,8 @@ try {
                 Write-Host "Uploading the" $PolicyId "policy..."
     
                 $graphuri = 'https://graph.microsoft.com/beta/trustframework/policies/' + $PolicyId + '/$value'
-                $response = Invoke-RestMethod -Uri $graphuri -Method Put -Body $policycontent -Headers $headers
+                $content = [System.Text.Encoding]::UTF8.GetBytes($policycontent)
+                $response = Invoke-RestMethod -Uri $graphuri -Method Put -Body $content -Headers $headers
     
                 Write-Host "Policy" $PolicyId "uploaded successfully."
             }

articles/active-directory-b2c/enable-authentication-in-node-web-app.md

@@ -1,6 +1,6 @@
 ---
 title: Enable authentication in your own Node web application using Azure Active Directory B2C
-description: This article explains how to enable authentication in your own node.js web application using Azure AD B2C 
+description: This article explains how to enable authentication in your own Node.js web application using Azure AD B2C 
 titleSuffix: Azure AD B2C
 services: active-directory-b2c
 author: kengaderdus

articles/active-directory-b2c/integrate-with-app-code-samples.md

@@ -1,5 +1,5 @@
 ---
-title: Azure Active Directory B2C integrate with app samples  
+title: Azure Active Directory B2C integrate with app samples
 description: Code samples for integrating Azure AD B2C to mobile, desktop, web, and single-page applications.
 services: active-directory-b2c
 author: kengaderdus
@@ -36,7 +36,7 @@ The following tables provide links to samples for applications including iOS, An
 | [dotnetcore-webapp-openidconnect](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-5-B2C) | An ASP.NET Core web application that uses OpenID Connect to sign in users in Azure AD B2C. |
 | [dotnetcore-webapp-msal-api](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/4-WebApp-your-API/4-2-B2C) | An ASP.NET Core web application that can sign in a user using Azure AD B2C, get an access token using MSAL.NET and call an API. |
 | [auth-code-flow-nodejs](https://github.com/Azure-Samples/active-directory-b2c-msal-node-sign-in-sign-out-webapp) | A Node.js app that shows how to enable authentication (sign in, sign out and profile edit) in a Node.js web application using Azure Active Directory B2C. The web app uses MSAL-node.|
-| [javascript-nodejs-webapi](https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi) | A small node.js Web API for Azure AD B2C that shows how to protect your web api and accept B2C access tokens using passport.js. |
+| [javascript-nodejs-webapi](https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi) | A small Node.js Web API for Azure AD B2C that shows how to protect your web api and accept B2C access tokens using passport.js. |
 | [ms-identity-python-webapp](https://github.com/Azure-Samples/ms-identity-python-webapp/blob/master/README_B2C.md) | Demonstrate how to Integrate B2C of Microsoft identity platform with a Python web application.  |
 
 ## Single page apps

articles/active-directory-b2c/threat-management.md

@@ -60,7 +60,7 @@ When testing the smart lockout feature, use a distinctive pattern for each passw
 When the smart lockout threshold is reached, you'll see the following message while the account is locked: **Your account is temporarily locked to prevent unauthorized use. Try again later**. The error messages can be [localized](localization-string-ids.md#sign-up-or-sign-in-error-messages).
 
 > [!NOTE]
-> When you test smart lockout, your sign-in requests might be handled by different datacenters due to the geo-distributed and load-balanced nature of the Azure AD authentication service. In that scenario, because each Azure AD datacenter tracks lockout independently, it might take more than your defined lockout threshold number of attempts to cause a lockout. A user has a maximum of (threshold_limit * datacenter_count) number of bad attempts before being completely locked out.
+> When you test smart lockout, your sign-in requests might be handled by different datacenters due to the geo-distributed and load-balanced nature of the Azure AD authentication service. In that scenario, because each Azure AD datacenter tracks lockout independently, it might take more than your defined lockout threshold number of attempts to cause a lockout. A user has a maximum of (threshold_limit * datacenter_count) number of bad attempts before being completely locked out. For more information, see [Azure global infrastructure](https://azure.microsoft.com/global-infrastructure/).
 
 ## Viewing locked-out accounts
 

articles/active-directory/azuread-dev/sample-v1-code.md

@@ -88,7 +88,7 @@ The following samples illustrate public client applications (desktop/mobile appl
 The following samples show desktop or web applications that access the Microsoft Graph or a web API with no user (with the application identity).
 
 Client application | Platform | Flow/Grant | Calls an ASP.NET or ASP.NET Core 2.0 Web API
------------------- | -------- | ---------- | -------------------- 
+------------------ | -------- | ---------- | --------------------
 Daemon app (Console)          | ![This image shows the .NET Framework logo](media/sample-v2-code/logo-netframework.png) | Client Credentials with app secret or certificate | [dotnet-daemon](https://github.com/azure-samples/active-directory-dotnet-daemon)</p> [dotnet-daemon-certificate-credential](https://github.com/azure-samples/active-directory-dotnet-daemon-certificate-credential)
 Daemon app (Console)         | ![This image shows the .NET Core logo](media/sample-v2-code/logo-netcore.png) | Client Credentials with certificate| [dotnetcore-daemon-certificate-credential](https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-certificate-credential)
 ASP.NET Web App  | ![This image shows the .NET Framework logo](media/sample-v2-code/logo-netframework.png) | Client credentials | [dotnet-webapp-webapi-oauth2-appidentity](https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-oauth2-appidentity)
@@ -97,7 +97,7 @@ ASP.NET Web App  | ![This image shows the .NET Framework logo](media/sample-v2-c
 
 ### Web API protected by Azure Active Directory
 
-The following sample shows how to protect a node.js web API with Azure AD.
+The following sample shows how to protect a Node.js web API with Azure AD.
 
 In the previous sections of this article, you can also find other samples illustrating a client application **calling** an ASP.NET or ASP.NET Core **Web API**. These samples are not mentioned again in this section, but you will find them in the last column of the tables above or below
 

articles/active-directory/external-identities/external-collaboration-settings-configure.md

@@ -71,10 +71,14 @@ Here's an example that shows how to use PowerShell to add a user to the Guest In
 Add-MsolRoleMember -RoleObjectId 95e79109-95c0-4d8e-aee3-d01accf2d47b -RoleMemberEmailAddress <RoleMemberEmailAddress>
 ```
 
+## Sign-in logs for B2B users
+
+When a B2B user signs into a resource tenant to collaborate, a sign-in log is generated in both the home tenant and the resource tenant. These logs include information such as the application being used, email addresses, tenant name, and tenant ID for both the home tenant and the resource tenant. 
+
 ## Next steps
 
 See the following articles on Azure AD B2B collaboration:
 
 - [What is Azure AD B2B collaboration?](what-is-b2b.md)
 - [Add B2B collaboration guest users without an invitation](add-user-without-invite.md)
-- [Adding a B2B collaboration user to a role](./add-users-administrator.md)
+- [Adding a B2B collaboration user to a role](./add-users-administrator.md)

articles/app-service/app-service-web-nodejs-best-practices-and-troubleshoot-guide.md

@@ -108,7 +108,7 @@ The default value is false. When set to true, iisnode displays the HTTP status c
 
 This setting controls debugging feature. Iisnode is integrated with node-inspector. By enabling this setting, you enable debugging of your node application. Upon enabling this setting, iisnode creates node-inspector files in ‘debuggerVirtualDir’ directory on the first debug request to your node application. You can load the node-inspector by sending a request to `http://yoursite/server.js/debug`. You can control the debug URL segment with ‘debuggerPathSegment’ setting. By default, debuggerPathSegment=’debug’. You can set `debuggerPathSegment` to a GUID, for example, so that it is more difficult to be discovered by others.
 
-Read [Debug node.js applications on Windows](https://tomasz.janczuk.org/2011/11/debug-nodejs-applications-on-windows.html) for more details on debugging.
+Read [Debug Node.js applications on Windows](https://tomasz.janczuk.org/2011/11/debug-nodejs-applications-on-windows.html) for more details on debugging.
 
 ## Scenarios and recommendations/troubleshooting
 
@@ -210,7 +210,7 @@ You can see that 95% of the time was consumed by the WriteConsoleLog function. T
 
 If your application is consuming too much memory, you see a notice from Azure App Service on your portal about high memory consumption. You can set up monitors to watch for certain [metrics](web-sites-monitor.md). When checking the memory usage on the [Azure portal Dashboard](../azure-monitor/essentials/metrics-charts.md), be sure to check the MAX values for memory so you don’t miss the peak values.
 
-#### Leak detection and Heap Diff for node.js
+#### Leak detection and Heap Diff for Node.js
 
 You could use [node-memwatch](https://github.com/lloyd/node-memwatch) to help you identify memory leaks.
 You can install `memwatch` just like v8-profiler and edit your code to capture and diff heaps to identify the memory leaks in your application.
@@ -265,7 +265,7 @@ NODE.exe has a setting called `NODE_PENDING_PIPE_INSTANCES`. On Azure App Servic
 
 ## More resources
 
-Follow these links to learn more about node.js applications on Azure App Service.
+Follow these links to learn more about Node.js applications on Azure App Service.
 
 * [Get started with Node.js web apps in Azure App Service](quickstart-nodejs.md)
 * [How to debug a Node.js web app in Azure App Service](/archive/blogs/azureossds/debugging-node-js-apps-on-azure-app-services)

articles/app-service/configure-custom-container.md

@@ -142,7 +142,7 @@ If the app changes compute instances for any reason, such as scaling up and down
 
 ## Configure port number
 
-By default, App Service assumes your custom container is listening on port 80. If your container listens to a different port, set the `WEBSITES_PORT` app setting in your App Service app. You can set it via the [Cloud Shell](https://shell.azure.com). In Bash:
+By default, App Service assumes your custom container is listening on either port 80 or port 8080. If your container listens to a different port, set the `WEBSITES_PORT` app setting in your App Service app. You can set it via the [Cloud Shell](https://shell.azure.com). In Bash:
 
 ```azurecli-interactive
 az webapp config appsettings set --resource-group <group-name> --name <app-name> --settings WEBSITES_PORT=8000

articles/app-service/manage-create-arc-environment.md

@@ -66,7 +66,6 @@ az extension add --upgrade --yes --name appservice-kube
 
     az group create -g $aksClusterGroupName -l $resourceLocation
     az aks create --resource-group $aksClusterGroupName --name $aksName --enable-aad --generate-ssh-keys
-    infra_rg=$(az aks show --resource-group $aksClusterGroupName --name $aksName --output tsv --query nodeResourceGroup)
     ```
 
     # [PowerShell](#tab/powershell)

articles/app-service/overview-local-cache.md

@@ -121,6 +121,9 @@ As part of the step that copies the storage content, any folder that is named re
 ### How to flush the local cache logs after a site management operation?
 To flush the local cache logs, stop and restart the app. This action clears the old cache. 
 
+### Why does App Service starts showing previously deployed files after a restart when Local Cache is enabled?
+In case App Service starts showing previously deployed files on a restart, check for the precense of the App Setting - '[WEBSITE_DISABLE_SCM_SEPARATION=true](https://github.com/projectkudu/kudu/wiki/Configurable-settings#use-the-same-process-for-the-user-site-and-the-scm-site)'.  After adding this setting any deployments via KUDU start writing to the local VM instead of the persistent storage. Best practices mentioned above in this article should be leveraged, wherein the deployments should always be done to the staging slot which does not have Local Cache enabled.
+
 ## More resources
 
-[Environment variables and app settings reference](reference-app-settings.md)
+[Environment variables and app settings reference](reference-app-settings.md)