Merge pull request #179793 from MicrosoftDocs/master

11/12 PM Publish

Author: huypub

.openpublishing.publish.config.json

@@ -591,12 +591,6 @@
       "branch": "master",
       "branch_mapping": {}
     },
-    {
-      "path_to_root": "samples-cosmosdb-dotnet-v2",
-      "url": "https://github.com/Azure/azure-cosmos-dotnet-v2",
-      "branch": "master",
-      "branch_mapping": {}
-    },
     {
       "path_to_root": "samples-cosmosdb-java-v4-web-app",
       "url": "https://github.com/Azure-Samples/azure-cosmos-java-sql-api-todo-app",
@@ -717,12 +711,6 @@
       "branch": "master",
       "branch_mapping": {}
     },
-    {
-      "path_to_root": "azure-cosmosdb-java-v2",
-      "url": "https://github.com/Azure/azure-cosmosdb-java",
-      "branch": "master",
-      "branch_mapping": {}
-    },
     {
       "path_to_root": "azure-cosmosdb-graph-dotnet",
       "url": "https://github.com/Azure-Samples/azure-cosmos-db-graph-gremlindotnet-getting-started",

.openpublishing.redirection.json

@@ -463,6 +463,16 @@
       "redirect_url": "/azure/frontdoor/edge-locations-by-abbreviation",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/frontdoor/standard-premium/troubleshoot-route-issues.md",
+      "redirect_url": "/azure/frontdoor/troubleshoot-issues",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/frontdoor/front-door-troubleshoot-routing.md",
+      "redirect_url": "/azure/frontdoor/troubleshoot-issues",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/azure-sql/database/doc-changes-updates-release-notes.md",
       "redirect_url": "/azure/azure-sql/database/doc-changes-updates-release-notes-whats-new",

articles/active-directory/authentication/howto-authentication-passwordless-phone.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 10/29/2021
+ms.date: 11/12/2021
 
 ms.author: justinha
 author: justinha
@@ -58,7 +58,10 @@ To enable the authentication method for passwordless phone sign-in, complete the
 1. Each added group or user is enabled by default to use Microsoft Authenticator in both passwordless and push notification modes ("Any" mode). To change this, for each row:
    1. Browse to **...** > **Configure**.
    1. For **Authentication mode** - choose **Any**, or **Passwordless**. Choosing **Push** prevents the use of the passwordless phone sign-in credential. 
-1. To apply the new policy, select **Save**.
+1. To apply the new policy, click **Save**. 
+
+   >[!NOTE]
+   >If you see an error when you try to save, the cause might be due to the number of users or groups being added. As a workaround, replace the users and groups you are trying to add with a single group, in the same operation, and then click **Save** again.
 
 ## User registration and management of Microsoft Authenticator
 

articles/active-directory/authentication/howto-authentication-passwordless-security-key.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 06/03/2021
+ms.date: 11/12/2021
 
 ms.author: justinha
 author: justinha
@@ -52,6 +52,9 @@ Registration features for passwordless authentication methods rely on the combin
    1. **Target** - All users or Select users
 1. **Save** the configuration.
 
+   >[!NOTE]
+   >If you see an error when you try to save, the cause might be due to the number of users or groups being added. As a workaround, replace the users and groups you are trying to add with a single group, in the same operation, and then click **Save** again.
+
 
 ### FIDO Security Key optional settings 
 

articles/active-directory/governance/create-access-review.md

@@ -3,7 +3,7 @@ title: Create an access review of groups & applications - Azure AD
 description: Learn how to create an access review of group members or application access in Azure Active Directory access reviews. 
 services: active-directory
 author: ajburnle
-manager: daveba
+manager: karenhoran
 editor: markwahl-msft
 ms.service: active-directory
 ms.workload: identity
@@ -117,7 +117,7 @@ For more information, see [License requirements](access-reviews-overview.md#lice
     > [!NOTE]
     > Action to apply on denied guest users isn't configurable on reviews scoped to more than guest users. It's also not configurable for reviews of **All Microsoft 365 groups with guest users.** When not configurable, the default option of removing user's membership from the resource is used on denied users.
  
-13. Use **(Preview) At end of review, send notification to** to send notifications to other users or groups with completion updates. This feature allows for stakeholders other than the review creator to be updated on the progress of the review. To use this feature, select **Select User(s) or Group(s)** and add an additional user or group upon you want to receive the status of completion.
+13. Use **At end of review, send notification to** to send notifications to other users or groups with completion updates. This feature allows for stakeholders other than the review creator to be updated on the progress of the review. To use this feature, select **Select User(s) or Group(s)** and add an additional user or group upon you want to receive the status of completion.
 
 14. In the **Enable review decision helpers** choose whether you would like your reviewer to receive recommendations during the review process. When enabled, users who have signed in during the previous 30-day period are recommended to be approved, while users who have not signed in during the past 30 days are recommended to be denied.
 

articles/active-directory/privileged-identity-management/groups-role-settings.md

@@ -11,7 +11,7 @@ ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
-ms.date: 11/09/2021
+ms.date: 11/12/2021
 ms.author: curtand
 ms.custom: pim
 ms.collection: M365-identity-device-management
@@ -91,7 +91,7 @@ Privileged Identity Management provides optional enforcement of Azure AD Multi-F
 
 ### Require multifactor authentication on active assignment
 
-This option requires admins must complete a multifactor authentication before creating an active (as opposed to eligible) role assignment. Privileged Identity Management can't enforce multifactor authentication when the user uses their role assignment because they are already active in the role from the time that it is assigned.
+This option requires admins must complete multifactor authentication before creating an active (as opposed to eligible) role assignment. Privileged Identity Management can't enforce multifactor authentication when the user uses their role assignment because they are already active in the role from the time that it is assigned.
 
 To require multifactor authentication when creating an active role assignment, select the **Require Multi-Factor Authentication on active assignment** check box.
 
@@ -105,7 +105,7 @@ For more information, see [Multifactor authentication and Privileged Identity Ma
 
 ## Activation maximum duration
 
-Use the **Activation maximum duration** slider to set the maximum time, in hours, that a role stays active before it expires. This value can be from one to 24 hours.
+Use the **Activation maximum duration** slider to set the maximum time, in hours, that an activation request for a role assignment remains active before it expires. This value can be from one to 24 hours.
 
 ## Require justification
 

articles/active-directory/privileged-identity-management/pim-how-to-change-default-settings.md

@@ -11,7 +11,7 @@ ms.service: active-directory
 ms.topic: how-to
 ms.workload: identity
 ms.subservice: pim
-ms.date: 10/07/2021
+ms.date: 11/12/2021
 ms.author: curtand
 ms.reviewer: shaunliu
 ms.custom: pim
@@ -82,7 +82,7 @@ For more information, see [Multifactor authentication and Privileged Identity Ma
 
 ## Activation maximum duration
 
-Use the **Activation maximum duration** slider to set the maximum time, in hours, that a role stays active before it expires. This value can be from one to 24 hours.
+Use the **Activation maximum duration** slider to set the maximum time, in hours, that an activation request for a role assignment remains active before it expires. This value can be from one to 24 hours.
 
 ## Require justification
 

articles/active-directory/privileged-identity-management/pim-resource-roles-configure-role-settings.md

@@ -11,7 +11,7 @@ ms.topic: how-to
 ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: pim
-ms.date: 10/07/2021
+ms.date: 11/12/2021
 ms.author: curtand
 ms.reviewer: shaunliu
 ms.custom: pim
@@ -109,7 +109,7 @@ For more information, see [Multifactor authentication and Privileged Identity Ma
 
 ## Activation maximum duration
 
-Use the **Activation maximum duration** slider to set the maximum time, in hours, that a role assignment stays active before it expires. This value can be from one to 24 hours.
+Use the **Activation maximum duration** slider to set the maximum time, in hours, that an activation request for a role assignment remains active before it expires. This value can be from one to 24 hours.
 
 ## Require justification
 

articles/active-directory/reports-monitoring/overview-flagged-sign-ins.md

@@ -2,14 +2,20 @@
 
 title: What are flagged sign-ins in Azure Active Directory?
 description: Provides a general overview of flagged sign-ins in Azure Active Directory.
+services: active-directory
+documentationcenter: ''
 author: MarkusVi
 manager: karenhoran
+editor: ''
+
 ms.assetid: e2b3d8ce-708a-46e4-b474-123792f35526
 ms.service: active-directory
+ms.devlang: na
 ms.topic: overview
+ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 10/27/2021
+ms.date: 11/12/2021
 ms.author: markvi
 ms.reviewer: tspring  
 
@@ -24,6 +30,8 @@ As an IT admin, when a user failed to sign-in, you want to resolve the issue as
 This article gives you an overview of a feature that significantly improves the time it takes to resolve user sign-in problems by making the related problems easy to find.
 
 
+
+
 ## What it is
 
 Azure AD sign-in events are critical to understanding what went right or wrong with user sign-ins and the authentication configuration in a tenant. However, Azure AD processes over 8 billion authentications a day, which can result in so many sign-in events that admins may find it difficult to find the ones which matter. In other words, the sheer number of sign-in events can make the signal of users who need assistance get lost in the volume of a large number of events.
@@ -35,7 +43,9 @@ Flagged sign-ins gives the user the ability to enable flagging when an error is
 In summary, you can use flagged sign-ins to:
 
 - **Empower** users to indicate the sign-in errors they need their tenant admins help on.
+
 - **Simplify** the process of locating the sign-in errors a user needs to be resolved.
+
 - **Enable**  help desk personal find the problems users want help with proactively- without the end user having to do anything other than flag the event.
 
 ## How it works
@@ -66,20 +76,27 @@ After enabling flagging, the same browser application and client must be used or
 
 ### Admin or Developer: Find flagged events using MS Graph
 
-You can find flagged sign-ins with a filtered query using the sign-ins reporting API. A sample query is:
- 
-`https://graph.microsoft.com/beta/auditlogs/signins?&$filter=(flaggedForReview eq true)`
+You can find flagged sign-ins with a filtered query using the sign-ins reporting API.
+
+Show all Flagged Sign-ins:
+`https://graph.microsoft.com/beta/auditLogs/signIns?&$filter=flaggedforReview eq true`
 
-For more information on using the sign-ins Graph API, see [signIn resource type](/graph/api/resources/signin?view=graph-rest-1.0&preserve-view=true).
+Flagged Sign-ins query for specific user by UPN (e.g.: [email protected]):
+`https://graph.microsoft.com/beta/auditLogs/signIns?&$filter=flaggedforReview eq true and userPrincipalname eq '[email protected]'`
+
+Flagged Sign-ins query for specific user and date greater than:
+`https://graph.microsoft.com/beta/auditLogs/signIns?&$filter=flaggedforReview eq true and createdDateTime ge 2021-10-01 and userPrincipalname eq '[email protected]'`
+ 
+For more information on using the sign-ins Graph API, see [signIn resource type](https://docs.microsoft.com/graph/api/resources/signin?view=graph-rest-1.0&preserve-view=true).
 
 
 
 
-## Who can create it?
+## Who can create flagged sign-ins?
 
 Any user signing into Azure AD via web page can use flag sign-ins for review. Member and guest users alike can flag sign-in errors for review. 
 
-## Who can review it?
+## Who can review flagged sign-ins?
 
 Reviewing flagged sign-in events requires permissions to read the Sign-in Report events in the Azure AD portal. For more information, see [who can access it?](concept-sign-ins.md#who-can-access-it)
 

articles/aks/azure-hpc-cache.md

@@ -128,7 +128,7 @@ STORAGE_ACCOUNT_ID=$(az storage account show --name $STORAGE_ACCOUNT_NAME --quer
 AD_USER=$(az ad signed-in-user show --query objectId -o tsv)
 CONTAINER_NAME=mystoragecontainer
 az role assignment create --role "Storage Blob Data Contributor" --assignee $AD_USER --scope $STORAGE_ACCOUNT_ID
-az storage container create --name $CONTAINER_NAME --account-name jebutlaksstorage --auth-mode login
+az storage container create --name $CONTAINER_NAME --account-name $STORAGE_ACCOUNT_NAME --auth-mode login
 ```
 
 Provide permissions to the Azure HPC Cache service account to access your storage account and Blob container.