Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into multir

Author: dlepow

.openpublishing.redirection.active-directory.json

@@ -30,6 +30,11 @@
       "redirect_url": "/azure/active-directory/saas-apps/tutorial-list",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/active-directory/fundamentals/whats-new-microsoft-365-government.md",
+      "redirect_url": "/azure/active-directory/fundamentals/whats-new",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/active-directory/manage-apps/common-scenarios.md",
       "redirect_url": "/azure/active-directory/manage-apps/what-is-application-management",

.openpublishing.redirection.azure-monitor.json

@@ -415,6 +415,11 @@
             "source_path_from_root": "/articles/azure-monitor/insights/cosmosdb-insights-overview.md" ,
             "redirect_url": "/azure/cosmos-db/cosmosdb-insights-overview",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/insights/network-insights-overview.md" ,
+            "redirect_url": "/azure/network-watcher/network-insights-overview",
+            "redirect_document_id": false
         }
     ]
 }

.openpublishing.redirection.json

@@ -40312,6 +40312,11 @@
       "source_path_from_root": "/articles/virtual-machines/windows/winrm.md",
       "redirect_url": "/azure/virtual-machines/windows/connect-winrm",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/applied-ai-services/form-recognizer/tutorial-ai-builder.md",
+      "redirect_url": "https://docs.microsoft.com/ai-builder/create-form-processing-model",
+      "redirect_document_id": false
     }
   ]
 }

articles/active-directory-b2c/best-practices.md

@@ -87,4 +87,4 @@ Stay up to date with the state of the service and find support options.
 |--|--|
 | [Service updates](https://azure.microsoft.com/updates/?product=active-directory-b2c) |  Stay up to date with Azure AD B2C product updates and announcements. |
 | [Microsoft Support](support-options.md) | File a support request for Azure AD B2C technical issues. Billing and subscription management support is provided at no cost. |
-| [Azure status](https://status.azure.com/status) | View the current health status of all Azure services. |
+| [Azure status](https://azure.status.microsoft/status) | View the current health status of all Azure services. |

articles/active-directory-b2c/custom-domain.md

@@ -9,7 +9,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: how-to
-ms.date: 05/13/2022
+ms.date: 07/26/2022
 ms.author: kengaderdus
 ms.subservice: B2C
 ms.custom: "b2c-support"
@@ -116,13 +116,21 @@ Follow these steps to create an Azure Front Door:
     |Tier| Select either Standard or Premium tier. Standard tier is content delivery optimized. Premium tier builds on Standard tier and is focused on security. See [Tier Comparison](../frontdoor/standard-premium/tier-comparison.md).|
     |Endpoint name| Enter a globally unique name for your endpoint, such as `b2cazurefrontdoor`. The **Endpoint hostname** is generated automatically. |
     |Origin type| Select `Custom`.|
-    |Origin host name| Enter `<tenant-name>.b2clogin.com`. Replace `<tenant-name>` with the [name of your Azure AD B2C tenant](tenant-management.md#get-your-tenant-name).|
+    |Origin host name| Enter `<tenant-name>.b2clogin.com`. Replace `<tenant-name>` with the [name of your Azure AD B2C tenant](tenant-management.md#get-your-tenant-name) such as `contoso.b2clogin.com`.|
 
     Leave the **Caching** and **WAF policy** empty.
 
      
 1. Once the Azure Front Door resource is created, select **Overview**, and copy the **Endpoint hostname**. It looks something like `b2cazurefrontdoor-ab123e.z01.azurefd.net`. 
 
+1. Make sure the **Host name** and **Origin host header** of your origin have the same value: 
+    1. Under **Settings**, select **Origin groups**. 
+    1. Select your origin group from the list, such as **default-origin-group**.
+    1. On the right pane, select your **Origin host name** such as `contoso.b2clogin.com`.
+    1. On the **Update origin** pane, update the **Host name** and **Origin host header** to have the same value. 
+
+    :::image type="content" source="./media/custom-domain/azure-front-door-custom-domain-origins.png" alt-text="Screenshot of how to update custom domain origins.":::
+
 
 ## Step 3. Set up your custom domain on Azure Front Door
 

articles/active-directory-b2c/media/custom-domain/azure-front-door-custom-domain-origins.png

@@ -192,6 +192,9 @@ The validation technical profile can be any technical profile in the policy, suc
 
 You can also call a REST API technical profile with your business logic, overwrite input claims, or enrich user data by further integrating with corporate line-of-business application. For more information, see [Validation technical profile](validation-technical-profile.md)
 
+> [!NOTE]
+> A validation technical profile is only triggered when there's an input from the user. You can't create an _empty_ self-asserted technical profile to call a validation technical profile just to take advantage of the **ContinueOnError** attribute of a **ValidationTechnicalProfile** element. You can only call a validation technical profile from a self-asserted technical profile that requests an input from the user, or from an orchestration step in a user journey. 
+
 ## Metadata
 
 | Attribute | Required | Description |

articles/active-directory-b2c/self-asserted-technical-profile.md

@@ -55,7 +55,7 @@ The smart lockout feature uses many factors to determine when an account should
 - Passwords such as 12456! and 1234567! (or newAccount1234 and newaccount1234) are so similar that the algorithm interprets them as human error and counts them as a single try.
 - Larger variations in pattern, such as 12456! and ABCD2!, are counted as separate tries.
 
-When testing the smart lockout feature, use a distinctive pattern for each password you enter. Consider using password generation web apps, such as [https://passwordsgenerator.net/](https://passwordsgenerator.net/).
+When testing the smart lockout feature, use a distinctive pattern for each password you enter. Consider using password generation web apps, such as `https://passwordsgenerator.net/`.
 
 When the smart lockout threshold is reached, you'll see the following message while the account is locked: **Your account is temporarily locked to prevent unauthorized use. Try again later**. The error messages can be [localized](localization-string-ids.md#sign-up-or-sign-in-error-messages).
 
@@ -69,4 +69,3 @@ To obtain information about locked-out accounts, you can check the Active Direct
 ![Section of Azure AD sign-in report showing locked-out account](./media/threat-management/portal-01-locked-account.png)
 
 To learn about viewing the sign-in activity report in Azure Active Directory, see [Sign-in activity report error codes](../active-directory/reports-monitoring/concept-sign-ins.md).
-

articles/active-directory-b2c/threat-management.md

@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 07/20/2022
+ms.date: 07/26/2022
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha

articles/active-directory-domain-services/policy-reference.md

@@ -37,7 +37,7 @@ To enable Permissions Management in your organization:
 ## How to enable Permissions Management on your Azure AD tenant
 
 1. In your browser:
-    1. Go to [Entra services](https://entra.microsoft.com) and use your credentials to sign in to [Azure Active Directory](https://ms.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview).
+    1. Go to [Entra services](https://entra.microsoft.com) and use your credentials to sign in to [Azure Active Directory](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview).
     1. If you aren't already authenticated, sign in as a global administrator user.
     1. If needed, activate the global administrator role in your Azure AD tenant.
     1. In the Azure AD portal, select **Permissions Management**, and then select the link to purchase a license or begin a trial.