MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 70 additions & 69 deletions b/‎.openpublishing.redirection.json
Lines changed: 70 additions & 69 deletions
diff --git a/‎articles/active-directory/conditional-access/concept-baseline-protection.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/conditional-access/concept-baseline-protection.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory/conditional-access/concept-conditional-access-policy-common.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/conditional-access/concept-conditional-access-policy-common.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/develop/tutorial-v2-aspnet-daemon-web-app.md
Lines changed: 17 additions & 6 deletions b/‎articles/active-directory/develop/tutorial-v2-aspnet-daemon-web-app.md
Lines changed: 17 additions & 6 deletions
diff --git a/‎articles/active-directory/hybrid/how-to-connect-install-prerequisites.md
Lines changed: 4 additions & 13 deletions b/‎articles/active-directory/hybrid/how-to-connect-install-prerequisites.md
Lines changed: 4 additions & 13 deletions
diff --git a/‎articles/active-directory/hybrid/reference-connect-version-history.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/hybrid/reference-connect-version-history.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/api-management/api-management-howto-protect-backend-with-aad.md
Lines changed: 2 additions & 2 deletions b/‎articles/api-management/api-management-howto-protect-backend-with-aad.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/azure-cache-for-redis/cache-dotnet-core-quickstart.md
Lines changed: 3 additions & 4 deletions b/‎articles/azure-cache-for-redis/cache-dotnet-core-quickstart.md
Lines changed: 3 additions & 4 deletions
diff --git a/‎articles/azure-cache-for-redis/cache-dotnet-how-to-use-azure-redis-cache.md
Lines changed: 4 additions & 4 deletions b/‎articles/azure-cache-for-redis/cache-dotnet-how-to-use-azure-redis-cache.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/azure-cache-for-redis/cache-how-to-premium-clustering.md
Lines changed: 2 additions & 4 deletions b/‎articles/azure-cache-for-redis/cache-how-to-premium-clustering.md
Lines changed: 2 additions & 4 deletions
@@ -6,12 +6,12 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 11/21/2019
+ms.date: 12/10/2019
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
 manager: daveba
-ms.reviewer: calebb, rogoya
+ms.reviewer: rogoya
 
 ms.collection: M365-identity-device-management
 ---
@@ -84,6 +84,6 @@ To protect privileged actions, this **Require MFA for service management (previe
 
 For more information, see:
 
+* [Enabling security defaults](../fundamentals/concept-fundamentals-security-defaults.md)
 * [Common Conditional Access policies](concept-conditional-access-policy-common.md)
 * [Five steps to securing your identity infrastructure](../../security/fundamentals/steps-secure-identity.md)
-* [What is Conditional Access in Azure Active Directory?](overview.md)
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 12/03/2019
+ms.date: 12/10/2019
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -17,7 +17,7 @@ ms.collection: M365-identity-device-management
 ---
 # Common Conditional Access policies
 
-Baseline protection policies are great but many organizations need more flexibility than they offer. For example, many organizations need the ability to exclude specific accounts like their emergency access or break-glass administration accounts from Conditional Access policies requiring multi-factor authentication. For those organizations, the common policies referenced in this article can be of use.
+[Security defaults](../fundamentals/concept-fundamentals-security-defaults.md) are great for some but many organizations need more flexibility than they offer. For example, many need the ability to exclude specific accounts like their emergency access or break-glass administration accounts from Conditional Access policies requiring multi-factor authentication. For those organizations, the common policies referenced in this article can be of use.
 
 ![Conditional Access policies in the Azure portal](./media/concept-conditional-access-policy-common/conditional-access-policies-azure-ad-listing.png)
 
 
@@ -14,17 +14,25 @@ ms.devlang: na
 ms.topic: tutorial
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 11/20/2019
+ms.date: 12/10/2019
 ms.author: jmprieur
 ms.custom: aaddev, identityplatformtop40, scenarios:getting-started, languages:ASP.NET
 #Customer intent: As an application developer, I want to know how to set up OpenId Connect authentication in a web application built using Node.js with Express.
 ms.collection: M365-identity-device-management
 ---
 
-# Build a multitenant daemon that uses the Microsoft identity platform endpoint
+# Tutorial: Build a multitenant daemon that uses the Microsoft identity platform endpoint
 
 In this tutorial, you learn how to use the Microsoft identity platform to access the data of Microsoft business customers in a long-running, non-interactive process. The sample daemon uses the [OAuth2 client credentials grant](v2-oauth2-client-creds-grant-flow.md) to acquire an access token. The daemon then uses the token to call [Microsoft Graph](https://graph.microsoft.io) and access organizational data.
 
+> [!div class="checklist"]
+> * Integrate a daemon app with the Microsoft identity platform
+> * Grant application permissions directly to the app by an admin
+> * Get an access token to call the Microsoft Graph API
+> * Call the Microsoft Graph API.
+
+If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
 The app is built as an ASP.NET MVC application. It uses the OWIN OpenID Connect middleware to sign in users.  
 
 The "daemon" component in this sample is an API controller, `SyncController.cs`. When the controller is called, it pulls in a list of users in the customer's Azure Active Directory (Azure AD) tenant from Microsoft Graph. `SyncController.cs` is triggered by an AJAX call in the web application. It uses the [Microsoft Authentication Library (MSAL) for .NET](msal-overview.md) to acquire an access token for Microsoft Graph.
@@ -57,11 +65,11 @@ git clone https://github.com/Azure-Samples/active-directory-dotnet-daemon-v2.git
 
 Or [download the sample in a zip file](https://github.com/Azure-Samples/ms-identity-aspnet-daemon-webapp/archive/master.zip).
 
-## Register the sample application with your Azure AD tenant
+## Register your application
 
-This sample has one project. To register it, you can either:
+This sample has one project. To register the application with your Azure AD tenant, you can either:
 
-- Follow the steps in [Register the sample with your Azure Active Directory tenant](#register-the-sample-application-with-your-azure-ad-tenant) and [Configure the sample to use your Azure AD tenant](#choose-the-azure-ad-tenant).
+- Follow the steps in [Register the sample with your Azure Active Directory tenant](#register-your-application) and [Configure the sample to use your Azure AD tenant](#choose-the-azure-ad-tenant).
 - Use PowerShell scripts that:
   - *Automatically* create the Azure AD applications and related objects (passwords, permissions, dependencies) for you.
   - Modify the Visual Studio projects' configuration files.
@@ -234,7 +242,10 @@ Visual Studio will publish the project and automatically open a browser to the p
 1. Save the configuration.
 1. Add the same URL in the list of values of the **Authentication** > **Redirect URIs** menu. If you have multiple redirect URLs, make sure that there's a new entry that uses the app service's URI for each redirect URL.
 
-## Community help and support
+## Clean up resources
+When no longer needed, delete the app object that you created in the [Register your application](#register-your-application) step.  To remove the application, follow the instructions in [Remove an application authored by you or your organization](quickstart-remove-app.md#remove-an-application-authored-by-you-or-your-organization).
+
+## Get help
 
 Use [Stack Overflow](http://stackoverflow.com/questions/tagged/msal) to get support from the community.
 Ask your questions on Stack Overflow first, and browse existing issues to see if someone has asked your question before.
 
@@ -52,11 +52,7 @@ Before you install Azure AD Connect, there are a few things that you need.
 >[!IMPORTANT]
 >Installing Azure AD Connect on small business server, server essentials, or server core is not supported.
 
-* Azure AD Connect must be installed on Windows Server 2008 R2 or later. This server must be domain joined and may be a domain controller or a member server.
-* If you install Azure AD Connect on Windows Server 2008 R2, then make sure to apply the latest hotfixes from Windows Update. The installation is not able to start with an unpatched server.
-* If you plan to use the feature **password synchronization**, then the Azure AD Connect server must be on Windows Server 2008 R2 SP1 or later.
-* If you plan to use a **group managed service account**, then the Azure AD Connect server must be on Windows Server 2012 or later.
-* The Azure AD Connect server must have [.NET Framework 4.5.1](#component-prerequisites) or later and [Microsoft PowerShell 3.0](#component-prerequisites) or later installed.
+* Azure AD Connect must be installed on Windows Server 2012 or later. This server must be domain joined and may be a domain controller or a member server.
 * The Azure AD Connect server must not have PowerShell Transcription Group Policy enabled if you are using Azure AD Connect wizard to manage ADFS configuration. You can enable PowerShell transcription if you are using Azure AD Connect wizard to manage sync configuration.
 * If Active Directory Federation Services is being deployed, the servers where AD FS or Web Application Proxy are installed must be Windows Server 2012 R2 or later. [Windows remote management](#windows-remote-management) must be enabled on these servers for remote installation.
 * If Active Directory Federation Services is being deployed, you need [SSL Certificates](#ssl-certificate-requirements).
@@ -138,22 +134,17 @@ Azure AD Connect depends on Microsoft PowerShell and .NET Framework 4.5.1. You n
 * Windows Server 2012R2
   * Microsoft PowerShell is installed by default. No action is required.
   * .NET Framework 4.5.1 and later releases are offered through Windows Update. Make sure you have installed the latest updates to Windows Server in the Control Panel.
-* Windows Server 2008 R2 and Windows Server 2012
+* Windows Server 2012
   * The latest version of Microsoft PowerShell is available in **Windows Management Framework 4.0**, available on [Microsoft Download Center](https://www.microsoft.com/downloads).
   * .NET Framework 4.5.1 and later releases are available on [Microsoft Download Center](https://www.microsoft.com/downloads).
 
 
 ### Enable TLS 1.2 for Azure AD Connect
 Prior to version 1.1.614.0, Azure AD Connect by default uses TLS 1.0 for encrypting the communication between the sync engine server and Azure AD. You can change this by configuring .NET applications to use TLS 1.2 by default on the server. More information about TLS 1.2 can be found in [Microsoft Security Advisory 2960358](https://technet.microsoft.com/security/advisory/2960358).
 
-1. TLS 1.2 cannot be enabled prior to Windows Server 2008 R2 or earlier. Make sure you have the .NET 4.5.1 hotfix installed for your operating system, see [Microsoft Security Advisory 2960358](https://technet.microsoft.com/security/advisory/2960358). You might have this hotfix or a later release installed on your server already.
-2. If you use Windows Server 2008 R2, then make sure TLS 1.2 is enabled. On Windows Server 2012 server and later versions, TLS 1.2 should already be enabled.
+1.  Make sure you have the .NET 4.5.1 hotfix installed for your operating system, see [Microsoft Security Advisory 2960358](https://technet.microsoft.com/security/advisory/2960358). You might have this hotfix or a later release installed on your server already.
     ```
-    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
-    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001
-    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server] "DisabledByDefault"=dword:00000000 "Enabled"=dword:00000001
-    ```
-3. For all operating systems, set this registry key and restart the server.
+2. For all operating systems, set this registry key and restart the server.
     ```
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
     "SchUseStrongCrypto"=dword:00000001
 
@@ -35,7 +35,7 @@ Not all releases of Azure AD Connect will be made available for auto upgrade. Th
 
 ## 1.4.38.0
 ### Release status
-12/6/2019: Release for download. Not available through auto-upgrade.
+12/9/2019: Release for download. Not available through auto-upgrade.
 ### New features and improvements
 - We updated Password Hash Sync for Azure AD Domain Services to properly account for padding in Kerberos hashes.  This will provide a performance improvement during password synchronization from AAD to Azure AD Domain Services.
 - We added support for reliable sessions between the authentication agent and service bus.
 
@@ -146,9 +146,9 @@ In this example, the Developer Console is the client-app. The following steps de
 
 1. Select **Create**.
 
-1. Go back to the **Settings** page of your client-app.
+1. Go back to your client-app and select **Authentication**.
 
-1. Select **Reply URLs**, and paste the **redirect_url** in the first row. In this example, you replaced `https://localhost` with the URL in the first row.  
+1. Under **Redirect URIs**, select the type as **Web**, paste the **redirect_url** under **Redirect URI**, and then save.
 
 Now that you have configured an OAuth 2.0 authorization server, the Developer Console can obtain access tokens from Azure AD. 
 
 
@@ -1,14 +1,13 @@
 ---
-title: Quickstart to learn how to Use Azure Cache for Redis with .NET Core apps
+title: 'Quickstart: Use Azure Cache for Redis with .NET Core apps'
 description: In this quickstart, learn how to access Azure Cache for Redis in your .NET Core apps
 author: yegu-ms
-
+ms.author: yegu
 ms.service: cache
 ms.devlang: dotnet
+ms.custom: mvc
 ms.topic: quickstart
 ms.date: 05/18/2018
-ms.author: yegu
-ms.custom: mvc
 #Customer intent: As a .NET Core developer, new to Azure Cache for Redis, I want to create a new .NET Core app that uses Azure Cache for Redis.
 ---
 # Quickstart: Use Azure Cache for Redis with a .NET Core app
 
@@ -1,14 +1,14 @@
 ---
-title: Quickstart to learn how to Use Azure Cache for Redis with .NET apps
+title: 'Quickstart: Use Azure Cache for Redis with .NET apps'
 description: In this quickstart, learn how to access Azure Cache for Redis from your .NET apps
 author: yegu-ms
-
+ms.author: yegu
 ms.service: cache
 ms.devlang: dotnet
 ms.topic: quickstart
-ms.date: 05/18/2018
-ms.author: yegu
 ms.custom: mvc
+ms.date: 05/18/2018
+
 #Customer intent: As a .NET developer, new to Azure Cache for Redis, I want to create a new .NET app that uses Azure Cache for Redis.
 ---
 # Quickstart: Use Azure Cache for Redis with a .NET Framework application
 
@@ -1,13 +1,11 @@
 ---
-title: How to configure Redis clustering for a Premium Azure Cache for Redis
+title: Configure Redis clustering - Premium Azure Cache for Redis
 description: Learn how to create and manage Redis clustering for your Premium tier Azure Cache for Redis instances
 author: yegu-ms
-
+ms.author: yegu
 ms.service: cache
 ms.topic: conceptual
 ms.date: 06/13/2018
-ms.author: yegu
-
 ---
 # How to configure Redis clustering for a Premium Azure Cache for Redis
 Azure Cache for Redis has different cache offerings, which provide flexibility in the choice of cache size and features, including Premium tier features such as clustering, persistence, and virtual network support. This article describes how to configure clustering in a premium Azure Cache for Redis instance.