Merge pull request #185010 from MicrosoftDocs/repo_sync_working_branch

huypub · web-flow · commit 9ca95cb2e831 · 2022-01-13T14:43:23.000-08:00
Confirm merge from repo_sync_working_branch to master to sync with https://github.com/MicrosoftDocs/azure-docs (branch master)
diff --git a/articles/active-directory-b2c/tutorial-create-user-flows.md b/articles/active-directory-b2c/tutorial-create-user-flows.md
@@ -104,7 +104,7 @@ To enable [self-service password reset](add-password-reset-policy.md) for the si
 
 1. Select the sign-up or sign-in user flow  you created.
 1. Under **Settings** in the left menu, select **Properties**.
-1. Under **Password complexity**, select **Self-service password reset**.
+1. Under **Password configuration**, select **Self-service password reset**.
 1. Select **Save**.
 
 ### Test the user flow
diff --git a/articles/active-directory/external-identities/redemption-experience.md b/articles/active-directory/external-identities/redemption-experience.md
@@ -61,17 +61,19 @@ When you add a guest user to your directory by [using the Azure portal](./b2b-qu
 4. The guest is guided through the [consent experience](#consent-experience-for-the-guest) described below.
 
 ## Redemption limitation with conflicting Contact object
-Sometimes the invited external guest user's email may conflict with an existing [Contact object](/graph/api/resources/contact), resulting in the guest user being created without a proxyAddress. This is a known limitation that prevents guest users from: 
-- Redeeming an invitation through a direct link using [SAML/WS-Fed IdP](./direct-federation.md), [Microsoft Accounts](./microsoft-account.md), [Google Federation](./google-federation.md), or [Email One-Time Passcode](./one-time-passcode.md) accounts. 
-- Redeeming an invitation through an invitation email redemption link using [SAML/WS-Fed IdP](./direct-federation.md) and [Email One-Time Passcode](./one-time-passcode.md) accounts.
-- Signing back into an application after redemption using [SAML/WS-Fed IdP](./direct-federation.md) and [Google Federation](./google-federation.md) accounts.
+Sometimes the invited external guest user's email may conflict with an existing [Contact object](/graph/api/resources/contact), resulting in the guest user being created without a proxyAddress. This is a known limitation that prevents guest users from redeeming an invitation through a direct link using [SAML/WS-Fed IdP](./direct-federation.md), [Microsoft Accounts](./microsoft-account.md), [Google Federation](./google-federation.md), or [Email One-Time Passcode](./one-time-passcode.md) accounts.
+
+However, the following scenarios should continue to work:
+-	Redeeming an invitation through an invitation email redemption link using [SAML/WS-Fed IdP](./direct-federation.md), [Email One-Time Passcode](./one-time-passcode.md), and [Google Federation](./google-federation.md) accounts.
+-	Signing back into an application after redemption using [SAML/WS-Fed IdP](./direct-federation.md) and [Google Federation](./google-federation.md) accounts.
 
 To unblock users who can't redeem an invitation due to a conflicting [Contact object](/graph/api/resources/contact), follow these steps:
-1. Delete the conflicting Contact object.
-2. Delete the guest user in the Azure portal (the user's "Invitation accepted" property should be in a pending state).
-3. Re-invite the guest user.
-4. Wait for the user to redeem invitation.
-5. Add the user's Contact email back into Exchange and any DLs they should be a part of.
+1.	Delete the conflicting Contact object.
+2.	Delete the guest user in the Azure portal (the user's "Invitation accepted" property should be in a pending state).
+3.	Re-invite the guest user.
+4.	Wait for the user to redeem invitation.
+5.	Add the user's Contact email back into Exchange and any DLs they should be a part of.
+
 
 ## Invitation redemption flow
 
@@ -140,4 +142,4 @@ If you see an error that requires admin consent while accessing an application,
 - [Add Azure Active Directory B2B collaboration users in the Azure portal](add-users-administrator.md)
 - [How do information workers add B2B collaboration users to Azure Active Directory?](add-users-information-worker.md)
 - [Add Azure Active Directory B2B collaboration users by using PowerShell](customize-invitation-api.md#powershell)
-- [Leave an organization as a guest user](leave-the-organization.md)
+- [Leave an organization as a guest user](leave-the-organization.md)
diff --git a/articles/cosmos-db/emulator-command-line-parameters.md b/articles/cosmos-db/emulator-command-line-parameters.md
@@ -73,7 +73,7 @@ Import-Module "$env:ProgramFiles\Azure Cosmos DB Emulator\PSModules\Microsoft.Az
 or place the `PSModules` directory on your `PSModulePath` and import it as shown in the following command:
 
 ```powershell
-$env:PSModulePath += "$env:ProgramFiles\Azure Cosmos DB Emulator\PSModules"
+$env:PSModulePath += ";$env:ProgramFiles\Azure Cosmos DB Emulator\PSModules"
 Import-Module Microsoft.Azure.CosmosDB.Emulator
 ```
 
diff --git a/articles/role-based-access-control/custom-roles-portal.md b/articles/role-based-access-control/custom-roles-portal.md
@@ -14,7 +14,7 @@ ms.author: rolyon
 
 # Create or update Azure custom roles using the Azure portal
 
-If the [Azure built-in roles](built-in-roles.md) don't meet the specific needs of your organization, you can create your own Azure custom roles. Just like built-in roles, you can assign custom roles to users, groups, and service principals at subscription and resource group scopes. Custom roles are stored in an Azure Active Directory (Azure AD) directory and can be shared across subscriptions. Each directory can have up to 5000 custom roles. Custom roles can be created using the Azure portal, Azure PowerShell, Azure CLI, or the REST API. This article describes how to create custom roles using the Azure portal.
+If the [Azure built-in roles](built-in-roles.md) don't meet the specific needs of your organization, you can create your own Azure custom roles. Just like built-in roles, you can assign custom roles to users, groups, and service principals at management group (in preview only), subscription and resource group scopes. Custom roles are stored in an Azure Active Directory (Azure AD) directory and can be shared across subscriptions. Each directory can have up to 5000 custom roles. Custom roles can be created using the Azure portal, Azure PowerShell, Azure CLI, or the REST API. This article describes how to create custom roles using the Azure portal.
 
 ## Prerequisites
 
diff --git a/articles/service-bus-messaging/message-transfers-locks-settlement.md b/articles/service-bus-messaging/message-transfers-locks-settlement.md
@@ -11,7 +11,7 @@ ms.custom: devx-track-csharp
 
 The central capability of a message broker such as Service Bus is to accept messages into a queue or topic and hold them available for later retrieval. *Send* is the term that is commonly used for the transfer of a message into the message broker. *Receive* is the term commonly used for the transfer of a message to a retrieving client.
 
-When a client sends a message, it usually wants to know whether the message has been properly transferred to and accepted by the broker or whether some sort of error occurred. This positive or negative acknowledgment settles the client and the broker understanding about the transfer state of the message. So, it' referred to as *settlement*.
+When a client sends a message, it usually wants to know whether the message has been properly transferred to and accepted by the broker or whether some sort of error occurred. This positive or negative acknowledgment settles the understanding of both the client and broker about the transfer state of the message. Therefore, it's referred to as a *settlement*.
 
 Likewise, when the broker transfers a message to a client, the broker and client want to establish an understanding of whether the message has been successfully processed and can therefore be removed, or whether the message delivery or processing failed, and thus the message might have to be delivered again.
 
@@ -127,4 +127,4 @@ The default value for the lock duration is **30 seconds**. You can specify a dif
 ## Next steps
 - A special case of settlement is deferral. See the [Message deferral](message-deferral.md) for details. 
 - To learn about dead-lettering, see [Dead-letter queues](service-bus-dead-letter-queues.md).
-- To learn more about Service Bus messaging in general, see [Service Bus queues, topics, and subscriptions](service-bus-queues-topics-subscriptions.md)
+- To learn more about Service Bus messaging in general, see [Service Bus queues, topics, and subscriptions](service-bus-queues-topics-subscriptions.md)
diff --git a/articles/vs-azure-tools-storage-explorer-blobs.md b/articles/vs-azure-tools-storage-explorer-blobs.md
@@ -145,6 +145,9 @@ The following steps illustrate how to manage (add and remove) access policies fo
    * **Edit an access policy** -  Make any desired edits, and select **Save**.
    * **Remove an access policy** - Select **Remove** next to the access policy you wish to remove.
 
+> [!NOTE]
+> Modifying immutability policies is not supported from Storage Explorer. 
+
 ## Set the Public Access Level for a blob container
 
 By default, every blob container is set to "No public access".
@@ -248,4 +251,4 @@ The following steps illustrate how to manage the blobs (and folders) within a bl
 [16]: ./media/vs-azure-tools-storage-explorer-blobs/blob-upload-files-options.png
 [17]: ./media/vs-azure-tools-storage-explorer-blobs/blob-upload-folder-menu.png
 [18]: ./media/vs-azure-tools-storage-explorer-blobs/blob-upload-folder-options.png
-[19]: ./media/vs-azure-tools-storage-explorer-blobs/blob-container-open-editor-context-menu.png
+[19]: ./media/vs-azure-tools-storage-explorer-blobs/blob-container-open-editor-context-menu.png
