MicrosoftDocs
diff --git a/‎articles/active-directory/develop/media/sample-v2-code/logo_vue.png
4 KB b/‎articles/active-directory/develop/media/sample-v2-code/logo_vue.png
4 KB
diff --git a/‎articles/active-directory/develop/reference-v2-libraries.md
Lines changed: 1 addition & 0 deletions b/‎articles/active-directory/develop/reference-v2-libraries.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎articles/active-directory/hybrid/reference-connect-version-history.md
Lines changed: 12 additions & 0 deletions b/‎articles/active-directory/hybrid/reference-connect-version-history.md
Lines changed: 12 additions & 0 deletions
diff --git a/‎articles/active-directory/saas-apps/smarteru-tutorial.md
Lines changed: 1 addition & 2 deletions b/‎articles/active-directory/saas-apps/smarteru-tutorial.md
Lines changed: 1 addition & 2 deletions
diff --git a/‎articles/aks/concepts-security.md
Lines changed: 11 additions & 2 deletions b/‎articles/aks/concepts-security.md
Lines changed: 11 additions & 2 deletions
diff --git a/‎articles/automation/automation-hybrid-runbook-worker.md
Lines changed: 1 addition & 1 deletion b/‎articles/automation/automation-hybrid-runbook-worker.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/automation/troubleshoot/update-agent-issues-linux.md
Lines changed: 7 additions & 7 deletions b/‎articles/automation/troubleshoot/update-agent-issues-linux.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎articles/automation/troubleshoot/update-agent-issues.md
Lines changed: 14 additions & 11 deletions b/‎articles/automation/troubleshoot/update-agent-issues.md
Lines changed: 14 additions & 11 deletions
diff --git a/‎articles/azure-app-configuration/overview-managed-identity.md
Lines changed: 2 additions & 3 deletions b/‎articles/azure-app-configuration/overview-managed-identity.md
Lines changed: 2 additions & 3 deletions
diff --git a/‎articles/azure-app-configuration/quickstart-feature-flag-spring-boot.md
Lines changed: 2 additions & 2 deletions b/‎articles/azure-app-configuration/quickstart-feature-flag-spring-boot.md
Lines changed: 2 additions & 2 deletions
@@ -84,6 +84,7 @@ See also [Scenarios by supported platforms and languages](authentication-flows-a
 | Platform | Library name | Tested version | Source code | Sample |
 |:---:|:---:|:---:|:---:|:---:|
 |![JavaScript](media/sample-v2-code/logo_js.png)|[Hello.js](https://adodson.com/hello.js/) | Version 1.13.5 |[Hello.js](https://github.com/MrSwitch/hello.js) |[SPA](https://github.com/Azure-Samples/active-directory-javascript-graphapi-v2) |
+|![Vue](media/sample-v2-code/logo_vue.png)|[Vue MSAL](https://github.com/mvertopoulos/vue-msal) | Version 3.0.3 |[vue-msal](https://github.com/mvertopoulos/vue-msal) | |
 | ![Java](media/sample-v2-code/logo_java.png) | [Scribe Java](https://github.com/scribejava/scribejava) | [Version 3.2.0](https://github.com/scribejava/scribejava/releases/tag/scribejava-3.2.0) | [ScribeJava](https://github.com/scribejava/scribejava/) | |
 | ![Java](media/sample-v2-code/logo_java.png) | [Gluu OpenID Connect library](https://github.com/GluuFederation/oxAuth) | [Version 3.0.2](https://github.com/GluuFederation/oxAuth/releases/tag/3.0.2) | [Gluu OpenID Connect library](https://github.com/GluuFederation/oxAuth) | |
 | ![Python](media/sample-v2-code/logo_python.png) | [Requests-OAuthlib](https://github.com/requests/requests-oauthlib) | [Version 1.2.0](https://github.com/requests/requests-oauthlib/releases/tag/v1.2.0) | [Requests-OAuthlib](https://github.com/requests/requests-oauthlib) | |
 
@@ -43,6 +43,17 @@ Not all releases of Azure AD Connect will be made available for auto upgrade. Th
 >
 >Please refer to [this article](https://docs.microsoft.com/azure/active-directory/hybrid/how-to-upgrade-previous-version) to learn more about how to upgrade Azure AD Connect to the latest version.
 
+## 1.5.30.0
+
+### Release status
+05/07/2020: Released for download
+
+### Fixed issues
+- Fixed an issue where unselected domains were getting incorrectly selected from the wizard UI.
+- Fixed an issue in the ADSyncConfig PowerShell module, where invoking DSACLS command used in all the Set-ADSync* Permissions cmdlets would cause one of the following errors:
+     - `GrantAclsNoInheritance : The parameter is incorrect.   The command failed to complete successfully.`
+     - `GrantAcls : No GUID Found for computer …`
+
 ## 1.5.29.0
 
 ### Release status
@@ -100,6 +111,7 @@ This hotfix build fixes an issue with build 1.5.18.0 if you have the Group Filte
 - Fixed an issue with the creation of the Azure Active Directory synchronization account where enabling Directory Extensions or PHS may fail because the account has not propagated across all service replicas before attempted use. 
 - Fixed a bug in the sync errors compression utility that was not handling surrogate characters correctly. 
 - Fixed a bug in the auto upgrade which left the server in the scheduler suspended state. 
+- Fixed a bug in the Domain/OU filtering page that would remove the Run Profiles of a domain by just partially expanding the domain tree, without making any changes.
 
 ## 1.4.38.0
 ### Release status
 
@@ -18,12 +18,11 @@ ms.date: 03/19/2019
 ms.author: jeedes
 
 ---
+# Tutorial: Azure Active Directory integration with SmarterU
 
 > [!NOTE]
 > The process for integrating SmarterU with Azure Active Directory is also documented and maintained in the [SmarterU help system](https://help.smarteru.com/ID2053086).
 
-# Tutorial: Azure Active Directory integration with SmarterU
-
 In this tutorial, you learn how to integrate SmarterU with Azure Active Directory (Azure AD).
 Integrating SmarterU with Azure AD provides you with the following benefits:
 
 
@@ -3,7 +3,7 @@ title: Concepts - Security in Azure Kubernetes Services (AKS)
 description: Learn about security in Azure Kubernetes Service (AKS), including master and node communication, network policies, and Kubernetes secrets.
 services: container-service
 ms.topic: conceptual
-ms.date: 03/01/2019
+ms.date: 05/08/2020
 
 ---
 
@@ -23,7 +23,9 @@ This article introduces the core concepts that secure your applications in AKS:
 
 In AKS, the Kubernetes master components are part of the managed service provided by Microsoft. Each AKS cluster has its own single-tenanted, dedicated Kubernetes master to provide the API Server, Scheduler, etc. This master is managed and maintained by Microsoft.
 
-By default, the Kubernetes API server uses a public IP address and a fully qualified domain name (FQDN). You can control access to the API server using Kubernetes role-based access controls and Azure Active Directory. For more information, see [Azure AD integration with AKS][aks-aad].
+By default, the Kubernetes API server uses a public IP address and a fully qualified domain name (FQDN). You can limit access to the API server endpoint using [authorized IP ranges][authorized-ip-ranges]. You can also create a fully [private cluster][private-clusters] to limit API server access to your virtual network.
+
+You can control access to the API server using Kubernetes role-based access controls and Azure Active Directory. For more information, see [Azure AD integration with AKS][aks-aad].
 
 ## Node security
 
@@ -62,6 +64,10 @@ For connectivity and security with on-premises networks, you can deploy your AKS
 
 To filter the flow of traffic in virtual networks, Azure uses network security group rules. These rules define the source and destination IP ranges, ports, and protocols that are allowed or denied access to resources. Default rules are created to allow TLS traffic to the Kubernetes API server. As you create services with load balancers, port mappings, or ingress routes, AKS automatically modifies the network security group for traffic to flow appropriately.
 
+### Kubernetes network policy
+
+To limit network traffic between pods in your cluster, AKS offers support for [Kubernetes network policies][network-policy]. With network policies, you can choose to allow or deny specific network paths within the cluster based on namespaces and label selectors.
+
 ## Kubernetes Secrets
 
 A Kubernetes *Secret* is used to inject sensitive data into pods, such as access credentials or keys. You first create a Secret using the Kubernetes API. When you define your pod or deployment, a specific Secret can be requested. Secrets are only provided to nodes that have a scheduled pod that requires it, and the Secret is stored in *tmpfs*, not written to disk. When the last pod on a node that requires a Secret is deleted, the Secret is deleted from the node's tmpfs. Secrets are stored within a given namespace and can only be accessed by pods within the same namespace.
@@ -100,3 +106,6 @@ For additional information on core Kubernetes and AKS concepts, see the followin
 [operator-best-practices-cluster-security]: operator-best-practices-cluster-security.md
 [developer-best-practices-pod-security]:developer-best-practices-pod-security.md
 [nodepool-upgrade]: use-multiple-node-pools.md#upgrade-a-node-pool
+[authorized-ip-ranges]: api-server-authorized-ip-ranges.md
+[private-clusters]: private-clusters.md
+[network-policy]: use-network-policies.md
@@ -36,7 +36,7 @@ The process to install a Hybrid Runbook Worker depends on the operating system.
 
 The recommended installation method is to use an Azure Automation runbook to completely automate the process of configuring a Windows computer. The second method is to follow a step-by-step procedure to manually install and configure the role. For Linux machines, you run a Python script to install the agent on the machine.
 
-## <a name="network-planning"></a>Network configuration
+## <a name="network-planning"></a>Network planning
 
 For the Hybrid Runbook Worker to connect to and register with Azure Automation, it must have access to the port number and URLs described in this section. The worker must also have access to the [ports and URLs required for Log Analytics agent](../azure-monitor/platform/agent-windows.md) to connect to the Azure Monitor Log Analytics workspace.
 
 
@@ -77,14 +77,14 @@ This check determines if the agent is reporting to multiple workspaces. Multihom
 
 ### Hybrid Runbook Worker
 
-This check verifies if the Log Analytics agent for Linux has the Hybrid Runbook Worker package. This package is required for Update Management to work.
+This check verifies if the Log Analytics agent for Linux has the Hybrid Runbook Worker package. This package is required for Update Management to work. To learn more, see [The Log Analytics agent for Linux isn't running](hybrid-runbook-worker.md#oms-agent-not-running).
+
+Update Management downloads Hybrid Runbook Worker packages from the operations endpoint. Therefore, if the Hybrid Runbook Worker is not running and the [operations endpoint](#operations-endpoint) fails, the update can fail.
 
 ### Hybrid Runbook Worker status
 
-This check makes sure the Hybrid Runbook Worker is running on the machine. The following processes should be present if the Hybrid Runbook Worker is running correctly. To learn more, see [Troubleshooting the Log Analytics Agent for Linux](hybrid-runbook-worker.md#oms-agent-not-running).
+This check makes sure the Hybrid Runbook Worker is running on the machine. The processes in the example below should be present if the Hybrid Runbook Worker is running correctly.
 
-> [!NOTE]
-> If the Hybrid Runbook Worker is not running and the operations endpoint has failed, the update can fail. Update Management downloads the hybrid worker packages from the operations endpoint.
 
 ```bash
 nxautom+   8567      1  0 14:45 ?        00:00:00 python /opt/microsoft/omsconfig/modules/nxOMSAutomationWorker/DSCResources/MSFT_nxOMSAutomationWorkerResource/automationworker/worker/main.py /var/opt/microsoft/omsagent/state/automationworker/oms.conf rworkspace:<workspaceId> <Linux hybrid worker version>
@@ -102,13 +102,13 @@ This check makes sure that the machine has access to the internet.
 
 This check determines if the Hybrid Runbook Worker can properly communicate with Azure Automation in the Log Analytics workspace.
 
-Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning for Hybrid Workers](../automation-hybrid-runbook-worker.md#network-planning).
+Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning).
 
 ### Operations endpoint
 
-This check determines if the agent can properly communicate with the Job Runtime Data Service.
+This check determines if the Log Analytics agent can properly communicate with the Job Runtime Data Service.
 
-Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the Job Runtime Data Service. For a list of addresses and ports to open, see [Network planning for Hybrid Workers](../automation-hybrid-runbook-worker.md#network-planning).
+Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the Job Runtime Data Service. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning).
 
 ### Log Analytics endpoint 1
 
 
@@ -22,21 +22,21 @@ There can be many reasons why your machine isn't showing up as ready (healthy) i
 > [!NOTE]
 > There can be a slight delay between what the Azure portal shows and the current state of a machine.
 
-This article discusses how to run the troubleshooter for Azure machines from the Azure portal, and non-Azure machines in the [offline scenario](#troubleshoot-offline). The troubleshooter now includes checks for Windows Server Update Services (WSUS) and for the autodownload and install keys.
+This article discusses how to run the troubleshooter for Azure machines from the Azure portal, and non-Azure machines in the [offline scenario](#troubleshoot-offline). 
 
 > [!NOTE]
-> The troubleshooter script currently doesn't route traffic through a proxy server if one is configured.
+> The troubleshooter script now includes checks for Windows Server Update Services (WSUS) and for the autodownload and install keys. 
 
 ## Start the troubleshooter
 
-For Azure machines, you can launch the **Troubleshoot Update Agent** page by selecting the **Troubleshoot** link under the **Update Agent Readiness** column in the portal. For non-Azure machines, the link brings you to this article. See the [offline instructions](#troubleshoot-offline) to troubleshoot a non-Azure machine.
+For Azure machines, you can launch the Troubleshoot Update Agent page by selecting the **Troubleshoot** link under the **Update Agent Readiness** column in the portal. For non-Azure machines, the link brings you to this article. See the [offline instructions](#troubleshoot-offline) to troubleshoot a non-Azure machine.
 
 ![Screenshot of the Update Management list of virtual machines](../media/update-agent-issues/vm-list.png)
 
 > [!NOTE]
 > To check the health of the Hybrid Runbook Worker, the VM must be running. If the VM isn't running, a **Start the VM** button appears.
 
-On the **Troubleshoot Update Agent** page, select **Run checks** to start the troubleshooter. The troubleshooter uses [Run Command](../../virtual-machines/windows/run-command.md) to run a script on the machine, to verify dependencies. When the troubleshooter is finished, it returns the result of the checks.
+On the Troubleshoot Update Agent page, select **Run checks** to start the troubleshooter. The troubleshooter uses [Run Command](../../virtual-machines/windows/run-command.md) to run a script on the machine, to verify dependencies. When the troubleshooter is finished, it returns the result of the checks.
 
 ![Screenshot of the Troubleshoot Update Agent page](../media/update-agent-issues/troubleshoot-page.png)
 
@@ -48,19 +48,19 @@ Results are shown on the page when they're ready. The checks sections show what'
 
 ### Operating system
 
-The operating system check verifies whether the Hybrid Runbook Worker is running one of the following operating systems:
+The operating system check verifies whether the Hybrid Runbook Worker is running one of the operating systems shown in the next table.
 
 |Operating system  |Notes  |
 |---------|---------|
 |Windows Server 2012 and later |.NET Framework 4.6 or later is required. ([Download the .NET Framework](/dotnet/framework/install/guide-for-developers).)<br/> Windows PowerShell 5.1 is required.  ([Download Windows Management Framework 5.1](https://www.microsoft.com/download/details.aspx?id=54616).)        |
 
 ### .NET 4.6.2
 
-The .NET Framework check verifies that the system has a minimum of [.NET Framework 4.6.2](https://www.microsoft.com/en-us/download/details.aspx?id=53345) installed.
+The .NET Framework check verifies that the system has [.NET Framework 4.6.2](https://www.microsoft.com/en-us/download/details.aspx?id=53345) or later installed.
 
 ### WMF 5.1
 
-The WMF check verifies that the system has the required version of the Windows Management Framework (WMF): [Windows Management Framework 5.1](https://www.microsoft.com/download/details.aspx?id=54616).
+The WMF check verifies that the system has the required version of the Windows Management Framework (WMF), which is [Windows Management Framework 5.1](https://www.microsoft.com/download/details.aspx?id=54616).
 
 ### TLS 1.2
 
@@ -72,30 +72,33 @@ This check determines whether you're using TLS 1.2 to encrypt your communication
 
 This check determines whether the agent can properly communicate with the agent service.
 
-Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning for Hybrid Workers](../automation-hybrid-runbook-worker.md#network-planning).
+Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the registration endpoint. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning).
 
 ### Operations endpoint
 
 This check determines whether the agent can properly communicate with the Job Runtime Data Service.
 
-Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the Job Runtime Data Service. For a list of addresses and ports to open, see [Network planning for Hybrid Workers](../automation-hybrid-runbook-worker.md#network-planning).
+Proxy and firewall configurations must allow the Hybrid Runbook Worker agent to communicate with the Job Runtime Data Service. For a list of addresses and ports to open, see [Network planning](../automation-hybrid-runbook-worker.md#network-planning).
 
 ## VM service health checks
 
 ### Monitoring agent service status
 
 This check determines if the Log Analytics agent for Windows (`healthservice`) is running on the machine. To learn more about troubleshooting the service, see [The Log Analytics agent for Windows isn't running](hybrid-runbook-worker.md#mma-not-running).
 
-To reinstall the Log Analytics agent for Windows, see [Install and configure the Log Analytics agent for Windows](../../azure-monitor/learn/quick-collect-windows-computer.md#install-the-agent-for-windows).
+To reinstall the Log Analytics agent for Windows, see [Install the agent for Windows](../../azure-monitor/learn/quick-collect-windows-computer.md#install-the-agent-for-windows).
 
 ### Monitoring agent service events
 
 This check determines whether any 4502 events appear in the Azure Operations Manager log on the machine in the past 24 hours.
 
-To learn more about this event, see the [troubleshooting guide](hybrid-runbook-worker.md#event-4502) for this event.
+To learn more about this event, see the [Event 4502 in the Operations Manager log](hybrid-runbook-worker.md#event-4502) for this event.
 
 ## Access permissions checks
 
+> [!NOTE]
+> The troubleshooter currently doesn't route traffic through a proxy server if one is configured.
+
 ### Crypto folder access
 
 The Crypto folder access check determines whether the local system account has access to C:\ProgramData\Microsoft\Crypto\RSA.
 
@@ -1,11 +1,10 @@
 ---
 title: Configure managed identities with Azure App Configuration
 description: Learn how managed identities work in Azure App Configuration and how to configure a managed identity
-author: jpconnock
-
+author: barbkess
 ms.topic: article
 ms.date: 02/25/2020
-ms.author: jeconnoc
+ms.author: barbkess
 ms.reviewer: lcozzens
 ms.service: azure-app-configuration
 
 
@@ -59,7 +59,7 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
     ```xml
     <dependency>
         <groupId>com.microsoft.azure</groupId>
-        <artifactId>spring-cloud-azure-appconfiguration-config</artifactId>
+        <artifactId>spring-cloud-azure-appconfiguration-config-web</artifactId>
         <version>1.1.2</version>
     </dependency>
     <dependency>
@@ -78,7 +78,7 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
     ```xml
     <dependency>
         <groupId>com.microsoft.azure</groupId>
-        <artifactId>spring-cloud-azure-appconfiguration-config</artifactId>
+        <artifactId>spring-cloud-azure-appconfiguration-config-web</artifactId>
         <version>1.2.2</version>
     </dependency>
     <dependency>