Merge pull request #157705 from MicrosoftDocs/master

5/07 AM Publish

Author: huypub

.openpublishing.redirection.json

@@ -50030,6 +50030,11 @@
       "redirect_url": "/azure/active-directory/active-directory-b2b-admin-add-users",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/external-identities/add-guest-to-role.md",
+      "redirect_url": "/azure/active-directory/external-identities/add-users-administrator",
+      "redirect_document_id": false
+      },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-b2b-compare-external-identities.md",
       "redirect_url": "/azure/active-directory/active-directory-b2b-compare-b2c",
@@ -51036,14 +51041,14 @@
       "redirect_document_id": true
     },
     {
-      "source_path_from_root": "/articles/active-directory/active-directory-b2b-add-guest-to-role.md",
-      "redirect_url": "/azure/active-directory/b2b/add-guest-to-role",
+      "source_path_from_root": "/articles/active-directory/active-directory-b2b-admin-add-users.md",
+      "redirect_url": "/azure/active-directory/external-identities/add-users-administrator",
       "redirect_document_id": true
     },
     {
-      "source_path_from_root": "/articles/active-directory/active-directory-b2b-admin-add-users.md",
-      "redirect_url": "/azure/active-directory/b2b/add-users-administrator",
-      "redirect_document_id": true
+      "source_path_from_root": "/articles/active-directory/add-guest-to-role.md",
+      "redirect_url": "/azure/active-directory/b2b/add-guest-to-role",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/active-directory/active-directory-b2b-iw-add-users.md",
@@ -52988,18 +52993,18 @@
     {
       "source_path_from_root": "/articles/active-directory/b2b/add-guest-to-role.md",
       "redirect_url": "/azure/active-directory/external-identities/add-guest-to-role",
-      "redirect_document_id": true
-    },
-    {
-      "source_path_from_root": "/articles/active-directory/b2b/add-users-administrator.md",
-      "redirect_url": "/azure/active-directory/external-identities/add-users-administrator",
-      "redirect_document_id": true
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/active-directory/b2b/add-users-information-worker.md",
       "redirect_url": "/azure/active-directory/external-identities/add-users-information-worker",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/b2b/add-users-administrator.md",
+      "redirect_url": "/azure/active-directory/external-identities/add-users-administrator",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/active-directory/b2b/add-user-without-invite.md",
       "redirect_url": "/azure/active-directory/external-identities/add-user-without-invite",

articles/active-directory/develop/v2-permissions-and-consent.md

@@ -47,7 +47,7 @@ An app most commonly requests these permissions by specifying the scopes in requ
 
 The Microsoft identity platform supports two types of permissions: *delegated permissions* and *application permissions*.
 
-* **Delegated permissions** are used by apps that have a signed-in user present. For these apps, either the user or an administrator consents to the permissions that the app requests. The app is delegated permission to act as the signed-in user when it makes calls to the target resource. 
+* **Delegated permissions** are used by apps that have a signed-in user present. For these apps, either the user or an administrator consents to the permissions that the app requests. The app is delegated with the permission to act as a signed-in user when it makes calls to the target resource. 
 
     Some delegated permissions can be consented to by nonadministrators. But some high-privileged permissions require [administrator consent](#admin-restricted-permissions). To learn which administrator roles can consent to delegated permissions, see [Administrator role permissions in Azure Active Directory (Azure AD)](../roles/permissions-reference.md).
 

articles/active-directory/enterprise-users/TOC.yml

@@ -58,8 +58,6 @@
       href: users-close-account.md
     - name: Add guest users  
       href: ../external-identities/what-is-b2b.md?context=%2fazure%2factive-directory%2fenterprise-users%2fcontext%2fugr-context
-    - name: Assign role to guest user    
-      href: ../external-identities/add-guest-to-role.md?context=%2fazure%2factive-directory%2fenterprise-users%2fcontext%2fugr-context
     - name: Restrict guest user access
       href: users-restrict-guest-permissions.md
     - name: Dynamic groups and guests   

articles/active-directory/external-identities/add-guest-to-role.md

@@ -114,8 +114,6 @@
         href: self-service-sign-up-add-approvals.md
     - name: Manage guest user accounts
       items:
-      - name: Add a B2B user to a role
-        href: add-guest-to-role.md
       - name: Dynamic groups and B2B users
         href: use-dynamic-groups.md
       - name: Understand the B2B user

articles/active-directory/external-identities/toc.yml

@@ -66,15 +66,14 @@ For more information on how SSO works with Windows 10 using PRT, see: [Primary R
 |Windows 10|Yes\*|Yes|Yes|Yes\*\*\*|N/A
 |Windows 8.1|Yes\*|Yes*\*\*\*|Yes|Yes\*\*\*|N/A
 |Windows 8|Yes\*|N/A|Yes|Yes\*\*\*|N/A
-|Windows 7|Yes\*|N/A|Yes|Yes\*\*\*|N/A
 |Windows Server 2012 R2 or above|Yes\*\*|N/A|Yes|Yes\*\*\*|N/A
 |Mac OS X|N/A|N/A|Yes\*\*\*|Yes\*\*\*|Yes\*\*\*
 
  > [!NOTE]
  >Microsoft Edge legacy is no longer supported
 
 
-\*Requires Internet Explorer version 11 or later.
+\*Requires Internet Explorer version 11 or later. ([Beginning August 17, 2021, Microsoft 365 apps and services will not support IE 11](https://techcommunity.microsoft.com/t5/microsoft-365-blog/microsoft-365-apps-say-farewell-to-internet-explorer-11-and/ba-p/1591666).)
 
 \*\*Requires Internet Explorer version 11 or later. Disable Enhanced Protected Mode.
 

articles/active-directory/hybrid/how-to-connect-sso.md

@@ -198,7 +198,7 @@ In general, full synchronization cycle is required. This is because you have add
 
 1. Run **Full import** on the on-premises Active Directory Connector:
 
-   1. Go to the **Operations** tab in the Synchronization Service Manager.
+   1. Go to the **Connectors** tab in the Synchronization Service Manager.
    2. Right-click the **on-premises Active Directory Connector**, and select **Run**.
    3. In the dialog box, select **Full Import**, and select **OK**.
    4. Wait for the operation to complete.
@@ -273,4 +273,4 @@ Learn more about the configuration model in the sync engine:
 Overview topics:
 
 * [Azure AD Connect sync: Understand and customize synchronization](how-to-connect-sync-whatis.md)
-* [Integrating your on-premises identities with Azure Active Directory](whatis-hybrid-identity.md)
+* [Integrating your on-premises identities with Azure Active Directory](whatis-hybrid-identity.md)

articles/active-directory/hybrid/how-to-connect-sync-feature-preferreddatalocation.md

@@ -131,4 +131,4 @@ Congratulations, you now have bootstrapped the web of trust with your DID!
 
 ## Next steps
 
-If during onboarding you enter the wrong domain information of you decide to change it, you will need to [opt out](how-to-opt-out.md). At this time, we don't support updating your DID document. Opting out and opting back in will create a brand new DID.
+If during onboarding you enter the wrong domain information or if you decide to change it, you will need to [opt out](how-to-opt-out.md). At this time, we don't support updating your DID document. Opting out and opting back in will create a brand new DID.

articles/active-directory/verifiable-credentials/how-to-dnsbind.md

@@ -5,7 +5,7 @@ author: ccompy
 
 ms.assetid: 66774bde-13f5-45d0-9a70-4e9536a4f619
 ms.topic: article
-ms.date: 02/05/2020
+ms.date: 05/05/2021
 ms.author: ccompy
 ms.custom: seodec18, fasttrack-edit
 ---
@@ -17,9 +17,9 @@ Hybrid Connections is both a service in Azure and a feature in Azure App Service
 Within App Service, Hybrid Connections can be used to access application resources in any network that can make outbound calls to Azure over port 443. Hybrid Connections provides access from your app to a TCP endpoint and does not enable a new way to access your app. As used in App Service, each Hybrid Connection correlates to a single TCP host and port combination. This enables your apps to access resources on any OS, provided it is a TCP endpoint. The Hybrid Connections feature does not know or care what the application protocol is, or what you are accessing. It simply provides network access.  
 
 ## How it works ##
-Hybrid Connections requires a relay agent to be deployed where it can reach both the desired endpoint as well as to Azure. The relay agent, Hybrid Connection Manager (HCM), calls out to Azure Relay over port 443. From the web app site, the App Service infrastructure also connects to Azure Relay on your application's behalf. Through the joined connections, your app is able to access the desired endpoint. The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization.    
+Hybrid Connections requires a relay agent to be deployed where it can reach both the desired endpoint as well as to Azure. The relay agent, Hybrid Connection Manager (HCM), calls out to Azure Relay over port 443. From the web app site, the App Service infrastructure also connects to Azure Relay on your application's behalf. Through the joined connections, your app is able to access the desired endpoint. The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization.
 
-![Diagram of Hybrid Connection high-level flow][1]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-connectiondiagram.png" alt-text="Diagram of Hybrid Connection high-level flow":::
 
 When your app makes a DNS request that matches a configured Hybrid Connection endpoint, the outbound TCP traffic will be redirected through the Hybrid Connection.  
 
@@ -54,11 +54,11 @@ Things you cannot do with Hybrid Connections include:
 
 To create a Hybrid Connection, go to the [Azure portal][portal] and select your app. Select **Networking** > **Configure your Hybrid Connection endpoints**. Here you can see the Hybrid Connections that are configured for your app.  
 
-![Screenshot of Hybrid Connection list][2]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-portal.png" alt-text="Screenshot of Hybrid Connection list":::
 
-To add a new Hybrid Connection, select **[+] Add hybrid connection**.  You'll see a list of the Hybrid Connections that you already created. To add one or more of them to your app, select the ones you want, and then select **Add selected Hybrid Connection**.  
+To add a new Hybrid Connection, select **[+] Add hybrid connection**.  You'll see a list of the Hybrid Connections that you already created. To add one or more of them to your app, select the ones you want, and then select **Add selected Hybrid Connection**.
 
-![Screenshot of Hybrid Connection portal][3]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-addhc.png" alt-text="Screenshot of Hybrid Connection portal":::
 
 If you want to create a new Hybrid Connection, select **Create new hybrid connection**. Specify the: 
 
@@ -67,15 +67,15 @@ If you want to create a new Hybrid Connection, select **Create new hybrid connec
 - Endpoint port.
 - Service Bus namespace you want to use.
 
-![Screenshot of Create new hybrid connection dialog box][4]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-createhc.png" alt-text="Screenshot of Create new hybrid connection dialog box":::
 
 Every Hybrid Connection is tied to a Service Bus namespace, and each Service Bus namespace is in an Azure region. It's important to try to use a Service Bus namespace in the same region as your app, to avoid network induced latency.
 
 If you want to remove your Hybrid Connection from your app, right-click it and select **Disconnect**.  
 
 When a Hybrid Connection is added to your app, you can see details on it simply by selecting it. 
 
-![Screenshot of Hybrid connections details][5]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-properties.png" alt-text="Screenshot of Hybrid connections details":::
 
 ### Create a Hybrid Connection in the Azure Relay portal ###
 
@@ -92,12 +92,12 @@ App Service Hybrid Connections are only available in Basic, Standard, Premium, a
 |----|----|
 | Basic | 5 per plan |
 | Standard | 25 per plan |
-| PremiumV2 | 200 per app |
-| Isolated | 200 per app |
+| Premium (v1-v3) | 220 per app |
+| Isolated (v1-v2) | 220 per app |
 
-The App Service plan UI shows you how many Hybrid Connections are being used and by what apps.  
+The App Service plan UI shows you how many Hybrid Connections are being used and by what apps.
 
-![Screenshot of App Service plan properties][6]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-aspproperties.png" alt-text="Screenshot of App Service plan properties":::
 
 Select the Hybrid Connection to see details. You can see all the information that you saw at the app view. You can also see how many other apps in the same plan are using that Hybrid Connection.
 
@@ -113,28 +113,28 @@ The Hybrid Connections feature requires a relay agent in the network that hosts
 
 This tool runs on Windows Server 2012 and later. The HCM runs as a service and connects outbound to Azure Relay on port 443.  
 
-After installing HCM, you can run HybridConnectionManagerUi.exe to use the UI for the tool. This file is in the Hybrid Connection Manager installation directory. In Windows 10, you can also just search for *Hybrid Connection Manager UI* in your search box.  
+After installing HCM, you can run HybridConnectionManagerUi.exe to use the UI for the tool. This file is in the Hybrid Connection Manager installation directory. In Windows 10, you can also just search for *Hybrid Connection Manager UI* in your search box.
 
-![Screenshot of Hybrid Connection Manager][7]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-hcm.png" alt-text="Screenshot of Hybrid Connection Manager":::
 
 When you start the HCM UI, the first thing you see is a table that lists all the Hybrid Connections that are configured with this instance of the HCM. If you want to make any changes, first authenticate with Azure. 
 
 To add one or more Hybrid Connections to your HCM:
 
 1. Start the HCM UI.
-2. Select **Configure another Hybrid Connection**.
-![Screenshot of Configure New Hybrid Connections][8]
+2. Select **Add a new Hybrid Connection**.
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-hcmadd.png" alt-text="Screenshot of Configure New Hybrid Connections":::
 
 1. Sign in with your Azure account to get your Hybrid Connections available with your subscriptions. The HCM does not continue to use your Azure account beyond that. 
 1. Choose a subscription.
 1. Select the Hybrid Connections that you want the HCM to relay.
-![Screenshot of Hybrid Connections][9]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-hcmadded.png" alt-text="Screenshot of Hybrid Connections":::
 
 1. Select **Save**.
 
 You can now see the Hybrid Connections you added. You can also select the configured Hybrid Connection to see details.
 
-![Screenshot of Hybrid Connection Details][10]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-hcmdetails.png" alt-text="Screenshot of Hybrid Connection Details":::
 
 To support the Hybrid Connections it is configured with, HCM requires:
 
@@ -154,7 +154,7 @@ Each HCM can support multiple Hybrid Connections. Also, any given Hybrid Connect
 
 To enable someone outside your subscription to host an HCM instance for a given Hybrid Connection, share the gateway connection string for the Hybrid Connection with them. You can see the gateway connection string in the Hybrid Connection properties in the [Azure portal][portal]. To use that string, select **Enter Manually** in the HCM, and paste in the gateway connection string.
 
-![Manually add a Hybrid Connection][11]
+:::image type="content" source="media/app-service-hybrid-connections/hybridconn-manual.png" alt-text="Manually add a Hybrid Connection":::
 
 ### Upgrade ###
 
@@ -213,20 +213,6 @@ In App Service, the **tcpping** command-line tool can be invoked from the Advanc
 If you have a command-line client for your endpoint, you can test connectivity from the app console. For example, you can test access to web server endpoints by using curl.
 
 
-<!--Image references-->
-[1]: ./media/app-service-hybrid-connections/hybridconn-connectiondiagram.png
-[2]: ./media/app-service-hybrid-connections/hybridconn-portal.png
-[3]: ./media/app-service-hybrid-connections/hybridconn-addhc.png
-[4]: ./media/app-service-hybrid-connections/hybridconn-createhc.png
-[5]: ./media/app-service-hybrid-connections/hybridconn-properties.png
-[6]: ./media/app-service-hybrid-connections/hybridconn-aspproperties.png
-[7]: ./media/app-service-hybrid-connections/hybridconn-hcm.png
-[8]: ./media/app-service-hybrid-connections/hybridconn-hcmadd.png
-[9]: ./media/app-service-hybrid-connections/hybridconn-hcmadded.png
-[10]: ./media/app-service-hybrid-connections/hybridconn-hcmdetails.png
-[11]: ./media/app-service-hybrid-connections/hybridconn-manual.png
-[12]: ./media/app-service-hybrid-connections/hybridconn-bt.png
-
 <!--Links-->
 [HCService]: /azure/service-bus-relay/relay-hybrid-connections-protocol/
 [portal]: https://portal.azure.com/