Merge pull request #95726 from MicrosoftDocs/master

11/12 PM Publish

Author: huypub

.openpublishing.redirection.json

@@ -520,6 +520,11 @@
       "redirect_url": "/azure/machine-learning",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/cognitive-services/LUIS/luis-how-to-add-example-utterances.md",
+      "redirect_url": "/azure/cognitive-services/LUIS/luis-how-to-add-entities",
+      "redirect_document_id": false
+    },  
     {
       "source_path": "articles/cognitive-services/LUIS/luis-tutorial-prebuilt-intents-entities.md",
       "redirect_url": "/azure/cognitive-services/LUIS/tutorial-machine-learned-entity",

articles/active-directory/b2b/add-users-administrator.md

@@ -7,7 +7,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: conceptual
-ms.date: 04/11/2019
+ms.date: 11/12/2019
 
 ms.author: mimart
 author: msmimart
@@ -44,14 +44,18 @@ To add B2B collaboration users to the directory, follow these steps:
    > [!NOTE]
    > The **New guest user** option is also available on the **Organizational relationships** page. In **Azure Active Directory**, under **Manage**, select **Organizational relationships**.
 
-5. Under **User name**, enter the email address of the external user. Optionally, include a welcome message. For example:
-
-   ![Shows where New guest user is in the UI](./media/add-users-administrator/InviteGuest.png) 
+5. On the **New user** page, select **Invite user** and then add the guest user's information. 
 
     > [!NOTE]
     > Group email addresses aren’t supported; enter the email address for an individual. Also, some email providers allow users to add a plus symbol (+) and additional text to their email addresses to help with things like inbox filtering. However, Azure AD doesn’t currently support plus symbols in email addresses. To avoid delivery issues, omit the plus symbol and any characters following it up to the @ symbol.
 
-6. Select **Invite** to automatically send the invitation to the guest user. 
+   - **Name.** The first and last name of the guest user.
+   - **Email address (required)**. The email address of the guest user.
+   - **Personal message (optional)** Include a personal welcome message to the guest user.
+   - **Groups**: You can add the guest user to one or more existing groups, or you can do it later.
+   - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. 
+
+7. Select **Invite** to automatically send the invitation to the guest user. 
 
 After you send the invitation, the user account is automatically added to the directory as a guest.
 

articles/active-directory/b2b/b2b-quickstart-add-guest-users-portal.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: quickstart
-ms.date: 07/02/2018
+ms.date: 11/12/2019
 
 ms.author: mimart
 author: msmimart
@@ -44,9 +44,13 @@ To complete the scenario in this tutorial, you need:
 
     ![Screenshot showing where to select the New guest user option](media/quickstart-add-users-portal/quickstart-users-portal-user-3.png)
 
-5.	Under **User name**, enter the email address of the external user. Under **Include a personal message with the invitation**, type a welcome message. 
+5. On the **New user** page, select **Invite user** and then add the guest user's information. 
 
-    ![Screenshot showing where to enter the guest user invitation message](media/quickstart-add-users-portal/quickstart-users-portal-user-4.png)
+   - **Name.** The first and last name of the guest user.
+   - **Email address (required)**. The email address of the guest user.
+   - **Personal message (optional)** Include a personal welcome message to the guest user.
+   - **Groups**: You can add the guest user to one or more existing groups, or you can do it later.
+   - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. 
 
 6. Select **Invite** to automatically send the invitation to the guest user. A notification appears in the upper right with the message **Successfully invited user**. 
 7.	After you send the invitation, the user account is automatically added to the directory as a guest.

articles/active-directory/develop/TOC.yml

@@ -392,9 +392,9 @@
         href: active-directory-configurable-token-lifetimes.md
     - name: Application configuration
       items:
-      - name: Azure portal app registrations training guide (legacy)
+      - name: Transitioning from App registrations (Legacy) to the new App registrations experience in the Azure portal
         href: app-registrations-training-guide-for-app-registrations-legacy-users.md
-      - name: Application Registration Portal app registration guide
+      - name: Transitioning from Application Registration Portal to the new App registrations experience in the Azure portal
         href: app-registration-portal-training-guide.md
       - name: Convert a single-tenant app to a multi-tenant app
         href: howto-convert-app-to-be-multi-tenant.md

articles/active-directory/develop/app-registration-portal-training-guide.md

@@ -1,6 +1,7 @@
 ---
-title: Application Registration Portal app registrations training guide - Microsoft identity platform | Azure
-description: App registrations in the Azure portal for users familiar with Application registration portal
+title: Transitioning from Application Registration Portal to the new App registrations experience in the Azure portal
+titleSuffix: Microsoft identity platform
+description: An introduction to the new App registration experience in the Azure portal
 services: active-directory
 documentationcenter: ''
 author: archieag
@@ -20,7 +21,7 @@ ms.custom: aaddev
 ms.collection: M365-identity-device-management
 ---
 
-# Training guide: Using App registrations in the Azure portal instead of Application Registration Portal
+# Transitioning from Application Registration Portal to the new App registrations experience in the Azure portal
 
 There are many improvements in the new [App registrations](https://go.microsoft.com/fwlink/?linkid=2083908) experience in the Azure portal. If you're more familiar with the Application registration portal (apps.dev.microsoft.com) experience for registering or managing converged applications, referred to as the old experience, this training guide will get you started using the new experience.
 
@@ -113,15 +114,15 @@ separate pages. Here's where you can find the equivalent functionality:
 
 -   Advanced option - Live SDK support is on the Authentication page.
 
-## Application Secrets/Certificates & secrets
+## Application secrets/Certificates & secrets
 
 In the new experience, **Application secrets** have been renamed to
 **Certificates & secrets**. In addition, **Public keys** are referred to as
 **Certificates** and **Passwords** are referred to as **Client secrets**. We
 chose to not bring this functionality along in the new experience for
 security reasons, hence, you can no longer generate a new key pair.
 
-## Platforms/Authentication - Reply URLs/Redirect URIs
+## Platforms/Authentication: Reply URLs/redirect URIs
 In the old experience, an app had Platforms section for Web, native, and
 Web API to configure Redirect URLs, Logout URL and Implicit flow.
 
@@ -138,7 +139,7 @@ Web APIs are configured in Expose an API page.
 configure settings for your application based on the platform or device
 that you want to target. [Learn more](quickstart-configure-app-access-web-apis.md#configure-platform-settings-for-your-application)
 
-## Microsoft Graph Permissions/API permissions
+## Microsoft Graph permissions/API permissions
 
 -   When selecting an API in the old experience, you could choose from
     Microsoft Graph APIs only. In the new experience, you can choose
@@ -172,7 +173,7 @@ the manifest editor or the API, or didn't exist.
 
 -   Implicit grant flow (oauth2AllowImplicitFlow) can be found on the
     Authentication page. Unlike the old experience, you can enable
-    access tokens or id tokens, or both.
+    access tokens or ID tokens, or both.
 
 -   Scopes defined by this API (oauth2Permissions) and Authorized client
     applications (preAuthorizedApplications) can be configured through
@@ -202,4 +203,4 @@ The new experience has the following limitations:
     between Azure AD single-tenant and multi-tenant.
 
    > [!NOTE]
-   > If you're a personal Microsoft account user in Azure AD tenant, and the tenant admin has restricted access to Azure portal, you may get an access denied. However, if you come through the shortcut by typing App registrations in the search bar or pinning it, you'll be able to access the new experience.
+   > If you're a personal Microsoft account user in Azure AD tenant, and the tenant admin has restricted access to Azure portal, you may get an access denied. However, if you come through the shortcut by typing App registrations in the search bar or pinning it, you'll be able to access the new experience.

articles/active-directory/develop/howto-configure-publisher-domain.md

@@ -21,7 +21,7 @@ ms.custom: aaddev
 ms.collection: M365-identity-device-management
 ---
 
-# How to: Configure an application's publisher domain (Preview)
+# How to: Configure an application's publisher domain
 
 An application’s publisher domain is displayed to users on the [application’s consent prompt](application-consent-experience.md) to let users know where their information is being sent. Multi-tenant applications that are registered after May 21, 2019 that don't have a publisher domain show up as **unverified**. Multi-tenant applications are applications that support accounts outside of a single organizational directory; for example, support all Azure AD accounts, or support all Azure AD accounts and personal Microsoft accounts.
 

articles/active-directory/fundamentals/add-users-azure-active-directory.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 11/11/2019
+ms.date: 11/12/2019
 ms.author: ajburnle
 ms.reviewer: jeffsta
 ms.custom: "it-pro, seodec18"
@@ -40,20 +40,28 @@ You can create a new user using the Azure Active Directory portal.
 
    - **User name (required)**: The user name of the new user. For example, [email protected].
 
-     The domain part of the user name must use either the initial default domain name, <_yourdomainname_>.onmicrosoft.com, or a custom domain name in your Azure AD organization such as contoso.com. For more information about how to create a custom domain name, see [How to add a custom domain name to Azure Active Directory](add-custom-domain.md).
+     The domain part of the user name must use either the initial default domain name, <_yourdomainname_>.onmicrosoft.com, or a custom domain name in your Azure AD organization such as contoso.com. You can select from the list of available domains. You can also filter the list by typing a portion of the domain name. For more information about how to create a custom domain name, see [How to add a custom domain name to Azure Active Directory](add-custom-domain.md).
 
    - **Groups**: You can add the user to one or more existing groups, or you can do it later. For more information about adding users to groups, see [How to create a basic group and add members](active-directory-groups-create-azure-portal.md).
 
    - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. You can assign the user to be a Global administrator or one or more of the limited administrator roles in Azure AD. For more information about assigning roles, see [How to assign roles to users](active-directory-users-assign-role-azure-portal.md).
 
    - **Job info**: You can add more information about the user here, or do it later. For more information about adding user info, see [How to add or change user profile information](active-directory-users-profile-azure-portal.md).
 
-4. Copy the auto-generated password provided in the **Password** box. You'll need to give this password to the user for the initial sign-in process.
+4. Copy the auto-generated password provided in the **Password** box. You can choose to use the auto-generated password provided in the Password box or create a custom password. You'll need to give this password to the user for the initial sign-in process.
 
 5. Select **Create**.
 
 The user is created and added to your Azure AD organization.
 
+## Add a new guest user
+
+You can also invite new guest user to collaborate with your organization by selecting **Invite user** from the **New user** page. If your organization's external collaboration settings are configured such that you're allowed to invite guests, the user will be emailed an invitation they must accept in order to begin collaborating. For more information about inviting B2B collaboration users, see [Invite B2B users to Azure Active Directory](../b2b/add-users-administrator.md)
+
+## Add a consumer user
+
+There might be scenarios in which you want to manually create consumer accounts in your Azure Active Directory B2C (Azure AD B2C) directory. For more information about creating consumer accounts, see [Create and delete consumer users in Azure AD B2C](../../active-directory-b2c/manage-users-portal.md).
+
 ## Add a new user within a hybrid environment
 
 If you have an environment with both Azure Active Directory (cloud) and Windows Server Active Directory (on-premises), you can add new users by syncing the existing user account data. For more information about hybrid environments and users, see [Integrate your on-premises directories with Azure Active Directory](../hybrid/whatis-hybrid-identity.md).

articles/active-directory/manage-apps/application-proxy-configure-cookie-settings.md

@@ -29,9 +29,9 @@ Azure Active Directory (Azure AD) has access and session cookies for accessing o
 | Use Persistent Cookie | **No** | **Yes** allows Application Proxy to set its access cookies to not expire when the web browser is closed. The persistence lasts until the access token expires, or until the user manually deletes the persistent cookies. | Use **No** because of the security risk associated with keeping users authenticated.<br></br><br></br>We suggest only using **Yes** for older applications that can't share cookies between processes. It's better to update your application to handle sharing cookies between processes instead of using persistent cookies. For example, you might need persistent cookies to allow a user to open Office documents in explorer view from a SharePoint site. Without persistent cookies, this operation might fail if the access cookies aren't shared between the browser, the explorer process, and the Office process. |
 
 ## SameSite Cookies
-Starting in version [Chrome 80](https://support.google.com/chrome/a/answer/7679408?hl=en) and eventually in browsers leveraging [Chromium](https://blog.chromium.org/2019/10/developers-get-ready-for-new.html), cookies that do not specify the [SameSite](https://web.dev/samesite-cookies-explained) attribute will be treated as if they were set to **SameSite=Lax**. The SameSite attribute declares how cookies should be restricted to a same-site context. When set to Lax, the cookie is only to sent to same-site requests or top-level navigation. However, Application Proxy requires these cookies to be preserved in the third-party context in order to keep users properly signed in during their session. Due to this, we are making updates to the Application Proxy access and session cookies to avoid adverse impact from this change. The updates include:
+Starting in version Chrome 80 and eventually in browsers leveraging Chromium, cookies that do not specify the [SameSite](https://web.dev/samesite-cookies-explained) attribute will be treated as if they were set to **SameSite=Lax**. The SameSite attribute declares how cookies should be restricted to a same-site context. When set to Lax, the cookie is only to sent to same-site requests or top-level navigation. However, Application Proxy requires these cookies to be preserved in the third-party context in order to keep users properly signed in during their session. Due to this, we are making updates to the Application Proxy access and session cookies to avoid adverse impact from this change. The updates include:
 
-* Setting the **SameSite** attribute to **None**- This allows Application Proxy access and sessions cookies to be properly sent in the third-party context.
+* Setting the **SameSite** attribute to **None**. This allows Application Proxy access and sessions cookies to be properly sent in the third-party context.
 * Setting the **Use Secure Cookie** setting to use **Yes** as the default. Chrome also requires the cookies to specify the Secure flag or it will be rejected. This change will apply to all existing applications published through Application Proxy. Note that Application Proxy access cookies have always been set to Secure and only transmitted over HTTPS. This change will only apply to the session cookies.
 
 These changes to Application Proxy cookies will roll out over the course of the next several weeks before the Chrome 80 release date.

articles/active-directory/reports-monitoring/concept-activity-logs-azure-monitor.md

@@ -3,7 +3,7 @@ title: Azure Active Directory activity logs in Azure Monitor | Microsoft Docs
 description: Introduction to Azure Active Directory activity logs in Azure Monitor
 services: active-directory
 documentationcenter: ''
-author: cawrites
+author: MarkusVi
 manager: daveba
 editor: ''
 
@@ -15,7 +15,7 @@ ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
 ms.date: 04/22/2019
-ms.author: chadam
+ms.author: markvi
 ms.reviewer: dhanyahk
 
 ms.collection: M365-identity-device-management

articles/active-directory/reports-monitoring/concept-audit-logs.md

@@ -4,7 +4,7 @@ title: Audit activity reports in the Azure Active Directory portal | Microsoft D
 description: Introduction to the audit activity reports in the Azure Active Directory portal
 services: active-directory
 documentationcenter: ''
-author: cawrites
+author: MarkusVi
 manager: daveba
 editor: ''
 
@@ -16,7 +16,7 @@ ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
 ms.date: 07/17/2019
-ms.author: chadam
+ms.author: markvi
 ms.reviewer: dhanyahk
 
 ms.collection: M365-identity-device-management