Merge pull request #108305 from IEvangelist/warningsAndSuggestions

Cleared all warnings and over 100 suggestions

Author: SyntaxC4

articles/active-directory/azuread-dev/active-directory-devhowto-adal-error-handling.md

@@ -11,7 +11,6 @@ ms.custom: aaddev
 ms.topic: conceptual
 ms.workload: identity
 ms.date: 02/27/2017
-ms.author: ryanwi
 ---
 
 # Error handling best practices for Azure Active Directory Authentication Library (ADAL) clients
@@ -184,7 +183,7 @@ The operating system can also generate a set of errors, which require error hand
 
 ### Error cases and actionable steps: Native client applications
 
-If you're building a native client application, there are a few error handling cases to consider which relate to network issues, transient failures, and other platform-specific errors. In most cases, an application shouldn’t perform immediate retries, but rather wait for end-user interaction that prompts a sign-in. 
+If you're building a native client application, there are a few error handling cases to consider which relate to network issues, transient failures, and other platform-specific errors. In most cases, an application shouldn't perform immediate retries, but rather wait for end-user interaction that prompts a sign-in. 
 
 There are a few special cases in which a single retry may resolve the issue. For example, when a user needs to enable data on a device, or completed the Azure AD broker download after the initial failure. 
 

articles/active-directory/b2b/add-user-without-invite.md

@@ -2,7 +2,6 @@
 
 title: Add B2B guests without an invitation link or email - Azure AD
 description: You can let a guest user add other guest users to your Azure AD without redeeming an invitation in Azure Active Directory B2B collaboration.
-services: active-directory
 documentationcenter: ''
 
 services: active-directory

articles/active-directory/cloud-provisioning/what-is-cloud-provisioning.md

@@ -10,7 +10,6 @@ ms.topic: overview
 ms.date: 12/05/2019
 ms.subservice: hybrid
 ms.author: billmath
-ms.topic: conceptual
 ms.collection: M365-identity-device-management
 ---
 
@@ -52,7 +51,7 @@ The following table provides a comparison between Azure AD Connect and Azure AD
 | Supports installation on a Domain Controller |● |● |
 | Support for Windows Server 2012 and Windows Server 2012 R2 |● |● |
 | Filter on Domains/OUs/groups |● |● |
-| Filter on objects’ attribute values |● | |
+| Filter on objects' attribute values |● | |
 | Allow minimal set of attributes to be synchronized (MinSync) |● |● |
 | Allow removing attributes from flowing from AD to Azure AD |● |● |
 | Allow advanced customization for attribute flows |● | |

articles/active-directory/develop/quickstart-v2-javascript.md

@@ -8,7 +8,6 @@ manager: CelesteDG
 
 ms.service: active-directory
 ms.subservice: develop
-ms.custom: aaddev 
 ms.topic: quickstart
 ms.workload: identity
 ms.date: 04/11/2019

articles/active-directory/develop/v2-permissions-and-consent.md

@@ -17,8 +17,7 @@ ms.topic: conceptual
 ms.date: 1/3/2020
 ms.author: ryanwi
 ms.reviewer: hirsin, jesakowi, jmprieur
-ms.custom: aaddev
-ms.custom: fasttrack-edit
+ms.custom: aaddev, fasttrack-edit
 ---
 
 # Permissions and consent in the Microsoft identity platform endpoint
@@ -196,13 +195,13 @@ When you're ready to request permissions from your organization's admin, you can
 ```
 
 
-| Parameter		| Condition		| Description																				|
+| Parameter        | Condition        | Description                                                                                |
 |:--------------|:--------------|:-----------------------------------------------------------------------------------------|
 | `tenant` | Required | The directory tenant that you want to request permission from. Can be provided in GUID or friendly name format OR generically referenced with organizations as seen in the example. Do not use 'common', as personal accounts cannot provide admin consent except in the context of a tenant. To ensure best compatibility with personal accounts that manage tenants, use the tenant ID when possible. |
 | `client_id` | Required | The **Application (client) ID** that the [Azure portal – App registrations](https://go.microsoft.com/fwlink/?linkid=2083908) experience assigned to your app. |
 | `redirect_uri` | Required |The redirect URI where you want the response to be sent for your app to handle. It must exactly match one of the redirect URIs that you registered in the app registration portal. |
 | `state` | Recommended | A value included in the request that will also be returned in the token response. It can be a string of any content you want. Use the state to encode information about the user's state in the app before the authentication request occurred, such as the page or view they were on. |
-|`scope`		| Required		| Defines the set of permissions being requested by the application. This can be either static (using [`/.default`](#the-default-scope)) or dynamic scopes.  This can include the OIDC scopes (`openid`, `profile`, `email`). If you need application permissions, you must use `/.default` to request the statically configured list of permissions.  | 
+|`scope`        | Required        | Defines the set of permissions being requested by the application. This can be either static (using [`/.default`](#the-default-scope)) or dynamic scopes.  This can include the OIDC scopes (`openid`, `profile`, `email`). If you need application permissions, you must use `/.default` to request the statically configured list of permissions.  | 
 
 
 At this point, Azure AD requires a tenant administrator to sign in to complete the request. The administrator is asked to approve all the permissions that you have requested in the `scope` parameter.  If you've used a static (`/.default`) value, it will function like the v1.0 admin consent endpoint and request consent for all scopes found in the required permissions for the app.

articles/active-directory/fundamentals/active-directory-access-create-new-tenant.md

@@ -11,17 +11,16 @@ ms.workload: identity
 ms.topic: quickstart
 ms.date: 09/10/2018
 ms.author: ajburnle
-ms.custom: "it-pro, seodec18"
+ms.custom: "it-pro, seodec18, fasttrack-edit"
 ms.collection: M365-identity-device-management
-ms.custom: fasttrack-edit
 ---
 
 # Quickstart: Create a new tenant in Azure Active Directory
 You can do all of your administrative tasks using the Azure Active Directory (Azure AD) portal, including creating a new tenant for your organization. 
 
 In this quickstart, you'll learn how to get to the Azure portal and Azure Active Directory, and you'll learn how to create a basic tenant for your organization.
 
-If you don’t have an Azure subscription, create a [free account](https://azure.microsoft.com/free/) before you begin.
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/) before you begin.
 
 ## Create a new tenant for your organization
 After you sign in to the Azure portal, you can create a new tenant for your organization. Your new tenant represents your organization and helps you to manage a specific instance of Microsoft cloud services for your internal and external users.
@@ -53,7 +52,7 @@ After you sign in to the Azure portal, you can create a new tenant for your orga
 Your new tenant is created with the domain contoso.onmicrosoft.com.
 
 ## Clean up resources
-If you’re not going to continue to use this application, you can delete the tenant using the following steps:
+If you're not going to continue to use this application, you can delete the tenant using the following steps:
 
 - Ensure that you are signed in to the directory that you want to delete through the **Directory + subscription** filter in the Azure Portal, and switching to the target directory if needed.
 - Select **Azure Active Directory**, and then on the **Contoso - Overview** page, select **Delete directory**.

articles/active-directory/fundamentals/customize-branding.md

@@ -12,8 +12,7 @@ ms.topic: conceptual
 ms.date: 09/18/2018
 ms.author: ajburnle
 ms.reviewer: kexia
-ms.custom: "it-pro, seodec18"
-ms.custom: fasttrack-edit
+ms.custom: "it-pro, seodec18, fasttrack-edit"
 ms.collection: M365-identity-device-management
 ---
 
@@ -29,7 +28,7 @@ You can customize your Azure AD sign-in pages, which appear when users sign in t
 Your custom branding won't immediately appear when your users go to sites such as, www\.office.com. Instead, the user has to sign-in before your customized branding appears. After the user has signed in, the branding may take 15 minutes or longer to appear. 
 
 > [!NOTE]
-> All branding elements are optional. For example, if you specify a banner logo with no background image, the sign-in page will show your logo with a default background image from the destination site (for example, Office 365).<br><br>Additionally, sign-in page branding doesn’t carry over to personal Microsoft accounts. If your users or business guests sign in using a personal Microsoft account, the sign-in page won't reflect the branding of your organization.
+> All branding elements are optional. For example, if you specify a banner logo with no background image, the sign-in page will show your logo with a default background image from the destination site (for example, Office 365).<br><br>Additionally, sign-in page branding doesn't carry over to personal Microsoft accounts. If your users or business guests sign in using a personal Microsoft account, the sign-in page won't reflect the branding of your organization.
 
 ### To customize your branding
 1. Sign in to the [Azure portal](https://portal.azure.com/) using a Global administrator account for the directory.
@@ -67,11 +66,11 @@ Your custom branding won't immediately appear when your users go to sites such a
 
         - **Sign-in page background color.** Specify the hexadecimal color (for example, white is #FFFFFF) that will appear in place of your background image in low-bandwidth connection situations. We recommend using the primary color of your banner logo or your organization color.
 
-        - **Square logo image.** Select a .png (preferred) or .jpg image of your organization’s logo to appear to users during the setup process for new Windows 10 Enterprise devices. This image is only used for Windows authentication and appears only on tenants that are using [Windows Autopilot]( https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot) for deployment or for password entry pages in other Windows 10 experiences. In some cases it may also appear in the consent dialog.
+        - **Square logo image.** Select a .png (preferred) or .jpg image of your organization's logo to appear to users during the setup process for new Windows 10 Enterprise devices. This image is only used for Windows authentication and appears only on tenants that are using [Windows Autopilot]( https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot) for deployment or for password entry pages in other Windows 10 experiences. In some cases it may also appear in the consent dialog.
 
-            The image can’t be larger than 240x240 pixels in size and must have a file size of less than 10 KB. We recommend using a transparent image since the background might not match your logo background. We also recommend not adding padding around the image or it might make your logo look small.
+            The image can't be larger than 240x240 pixels in size and must have a file size of less than 10 KB. We recommend using a transparent image since the background might not match your logo background. We also recommend not adding padding around the image or it might make your logo look small.
 
-        - **Square logo image, dark theme.** Same as the square logo image above. This logo image takes the place of the square logo image when used with a dark background, such as with Windows 10 Azure AD joined screens during the out-of-box experience (OOBE).  If your logo looks good on white, dark blue, and black backgrounds, you don’t need to add this image. 
+        - **Square logo image, dark theme.** Same as the square logo image above. This logo image takes the place of the square logo image when used with a dark background, such as with Windows 10 Azure AD joined screens during the out-of-box experience (OOBE).  If your logo looks good on white, dark blue, and black backgrounds, you don't need to add this image. 
 
         - **Show option to remain signed in.** You can choose to let your users remain signed in to Azure AD until explicitly signing out. If you choose **No**,  this option is hidden, and users must sign in each time the browser is closed and reopened.
 

articles/active-directory/fundamentals/index.yml

@@ -74,5 +74,5 @@ landingContent:
             url: add-users-azure-active-directory.md
           - text: Assign roles to users
             url: active-directory-users-assign-role-azure-portal.md
-            text: Assign licenses to users
+          - text: Assign licenses to users
             url: license-users-groups.md

articles/active-directory/hybrid/whatis-aadc-admin-agent.md

@@ -10,7 +10,6 @@ ms.topic: overview
 ms.date: 09/04/2019
 ms.subservice: hybrid
 ms.author: billmath
-ms.topic: conceptual
 ms.collection: M365-identity-device-management
 ---
 
@@ -28,20 +27,20 @@ The Azure AD Connect Administration Agent is not installed on the Azure AD Conne
 ## Install the Azure AD Connect Administration Agent on the Azure AD Connect server 
 
 Prerequisites:
-1.	Azure AD Connect is installed on the server
-2.	Azure AD Connect Health is installed on the server
+1.    Azure AD Connect is installed on the server
+2.    Azure AD Connect Health is installed on the server
 
 ![admin agent](media/whatis-aadc-admin-agent/adminagent0.png)
 
 The Azure AD Connect Administration Agent binaries are placed in the AAD Connect server. To install the agent, do the following:
 
-1.	Open powershell in admin mode
-2.	Navigate to the directory where the application is located cd “C:\Program Files\Microsoft Azure Active Directory Connect\Tools”
-3.	Run ConfigureAdminAgent.ps1
+1.    Open powershell in admin mode
+2.    Navigate to the directory where the application is located cd "C:\Program Files\Microsoft Azure Active Directory Connect\Tools"
+3.    Run ConfigureAdminAgent.ps1
 
 When prompted, please enter your Azure AD global admin credentials. This should be the same credentials entered during Azure AD Connect installation.
 
-After the agent is installed, you’ll see the following two new programs in the “Add/Remove Programs” list in the Control Panel of your server: 
+After the agent is installed, you'll see the following two new programs in the "Add/Remove Programs" list in the Control Panel of your server: 
 
 ![admin agent](media/whatis-aadc-admin-agent/adminagent1.png)
 
@@ -50,11 +49,11 @@ When you open a support case  the Microsoft Support Engineer can see, for a give
 
 The Microsoft Support Engineer cannot change any data in your system and cannot see any passwords. 
 
-## What if I don’t want the Microsoft support engineer to access my data? 
+## What if I don't want the Microsoft support engineer to access my data? 
 Once the agent is installed, If you do not want the Microsoft service engineer to access your data for a support call, you can disable the functionality by modifying the service config file as described below: 
 
-1.	Open **C:\Program Files\Microsoft Azure AD Connect Administration Agent\AzureADConnectAdministrationAgentService.exe.config** in notepad.
-2.	Disable **UserDataEnabled** setting as shown below. If **UserDataEnabled** setting exists and is set to true, then set it to false. If the setting does not exist, then add the setting as shown below.    
+1.    Open **C:\Program Files\Microsoft Azure AD Connect Administration Agent\AzureADConnectAdministrationAgentService.exe.config** in notepad.
+2.    Disable **UserDataEnabled** setting as shown below. If **UserDataEnabled** setting exists and is set to true, then set it to false. If the setting does not exist, then add the setting as shown below.    
 
     ```xml
     <appSettings>
@@ -63,8 +62,8 @@ Once the agent is installed, If you do not want the Microsoft service engineer t
     </appSettings>
     ```
 
-3.	Save the config file.
-4.	Restart Azure AD Connect Administration Agent service as shown below
+3.    Save the config file.
+4.    Restart Azure AD Connect Administration Agent service as shown below
 
 ![admin agent](media/whatis-aadc-admin-agent/adminagent2.png)
 

articles/active-directory/hybrid/whatis-azure-ad-connect.md

@@ -10,19 +10,18 @@ ms.topic: overview
 ms.date: 01/08/2020
 ms.subservice: hybrid
 ms.author: billmath
-ms.topic: conceptual
 ms.collection: M365-identity-device-management
 ---
 
 # What is Azure AD Connect?
 
 Azure AD Connect is the Microsoft tool designed to meet and accomplish your hybrid identity goals.  It provides the following features:
- 	
+     
 - [Password hash synchronization](whatis-phs.md) - A sign-in method that synchronizes a hash of a users on-premises AD password with Azure AD.
 - [Pass-through authentication](how-to-connect-pta.md) - A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn't require the additional infrastructure of a federated environment.
 - [Federation integration](how-to-connect-fed-whatis.md) - Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
 - [Synchronization](how-to-connect-sync-whatis.md) - Responsible for creating users, groups, and other objects.  As well as, making sure identity information for your on-premises users and groups is matching the cloud.  This synchronization also includes password hashes.
--  	[Health Monitoring](whatis-hybrid-identity-health.md) - Azure AD Connect Health can provide robust monitoring and provide a central location in the Azure portal to view this activity. 
+-      [Health Monitoring](whatis-hybrid-identity-health.md) - Azure AD Connect Health can provide robust monitoring and provide a central location in the Azure portal to view this activity. 
 
 
 ![What is Azure AD Connect](./media/whatis-hybrid-identity/arch.png)