MicrosoftDocs
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 14 additions & 1 deletion b/‎.openpublishing.publish.config.json
Lines changed: 14 additions & 1 deletion
diff --git a/‎.openpublishing.redirection.azure-monitor.json
Lines changed: 16 additions & 0 deletions b/‎.openpublishing.redirection.azure-monitor.json
Lines changed: 16 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 93 additions & 34 deletions b/‎.openpublishing.redirection.json
Lines changed: 93 additions & 34 deletions
diff --git a/‎articles/active-directory-domain-services/policy-reference.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-domain-services/policy-reference.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/authentication/concept-certificate-based-authentication-technical-deep-dive.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/authentication/concept-certificate-based-authentication-technical-deep-dive.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory/develop/TOC.yml
Lines changed: 3 additions & 1 deletion b/‎articles/active-directory/develop/TOC.yml
Lines changed: 3 additions & 1 deletion
diff --git a/‎articles/active-directory/develop/media/secure-group-access-control/groups-for-access-control.png
23.9 KB b/‎articles/active-directory/develop/media/secure-group-access-control/groups-for-access-control.png
23.9 KB
diff --git a/‎articles/active-directory/develop/migrate-spa-implicit-to-auth-code.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/develop/migrate-spa-implicit-to-auth-code.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/msal-js-sso.md
Lines changed: 8 additions & 8 deletions b/‎articles/active-directory/develop/msal-js-sso.md
Lines changed: 8 additions & 8 deletions
@@ -830,6 +830,18 @@
       "url": "https://github.com/Azure-Samples/msdocs-nodejs-mongodb-azure-sample-app",
       "branch": "main",
       "branch_mapping": {}
+    },
+    {
+      "path_to_root": "msdocs-django-postgresql-sample-app",
+      "url": "https://github.com/Azure-Samples/msdocs-django-postgresql-sample-app",
+      "branch": "main",
+      "branch_mapping": {}
+    },
+    {
+      "path_to_root": "msdocs-flask-postgresql-sample-app",
+      "url": "https://github.com/Azure-Samples/msdocs-flask-postgresql-sample-app",
+      "branch": "main",
+      "branch_mapping": {}
     }
   ],
   "branch_target_mapping": {
@@ -899,6 +911,7 @@
     "articles/virtual-machine-scale-sets/.openpublishing.redirection.virtual-machine-scale-sets.json",
     "articles/mysql/.openpublishing.redirection.mysql.json",
     "articles/container-apps/.openpublishing.redirection.container-apps.json",
-    "articles/spring-cloud/.openpublishing.redirection.spring-cloud.json"
+    "articles/spring-cloud/.openpublishing.redirection.spring-cloud.json",
+    "articles/load-testing/.openpublishing.redirection.azure-load-testing.json"
   ]
 }
@@ -24,6 +24,22 @@
             "source_path_from_root": "/articles/azure-monitor/agents/data-collection-rule-overview.md",
             "redirect_url": "/azure/azure-monitor/essentials/data-collection-rule-overview",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis-visualizations.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis-visualizations",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/azure-monitor/app/change-analysis-troubleshoot.md",
+            "redirect_url": "/azure/azure-monitor/change/change-analysis-troubleshoot",
+            "redirect_document_id": false
         }
+
     ]
 }
@@ -5982,7 +5982,7 @@
       "source_path_from_root": "/articles/azure-functions/functions-test-a-function.md",
       "redirect_url": "/azure/azure-functions/supported-languages",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/azure-app-configuration/quickstart-azure-function-csharp.md",
       "redirect_url": "/azure/azure-app-configuration/quickstart-azure-functions-csharp",
@@ -7787,7 +7787,7 @@
       "source_path_from_root": "/articles/cognitive-services/LUIS/luis-tutorial-review-endpoint-utterances.md",
       "redirect_url": "/azure/cognitive-services/LUIS/how-to/improve-application",
       "redirect_document_id": false
-    }, 
+    },
     {
       "source_path_from_root": "/articles/cognitive-services/LUIS/luis-concept-enterprise.md",
       "redirect_url": "/azure/cognitive-services/LUIS/how-to/improve-application",
@@ -12088,7 +12088,6 @@
       "redirect_url": "/azure/azure-signalr/signalr-tutorial-authenticate-azure-functions",
       "redirect_document_id": true
     },
-
     {
       "source_path_from_root": "/articles/cognitive-services/form-recognizer/build-training-data-set.md",
       "redirect_url": "/azure/applied-ai-services/form-recognizer/build-training-data-set",
@@ -14669,7 +14668,7 @@
       "redirect_url": "/azure/data-explorer/manage-cluster-vertical-scaling",
       "redirect_document_id": false
     },
-        {
+    {
       "source_path_from_root": "/articles/postgresql/howto-manage-firewall-using-cli.md",
       "redirect_url": "/azure/postgresql/quickstart-create-server-database-azure-cli#configure-a-server-based-firewall-rule",
       "redirect_document_id": true
@@ -15188,7 +15187,7 @@
       "source_path_from_root": "/articles/defender-for-iot/device-builders/quickstart-azure-rtos-security-module.md",
       "redirect_url": "/azure/defender-for-iot/device-builders/how-to-quickstart-azure-rtos-security-module",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/defender-for-iot/organizations/integration-cisco-ise-pxgrid.md",
       "redirect_url": "/azure/defender-for-iot/organizations/integration-forescout",
@@ -17733,7 +17732,7 @@
       "source_path_from_root": "/articles/lab-services/class-type-ethical-hacking-virtualbox.md",
       "redirect_url": "/azure/lab-services/class-types",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/lab-services/classroom-labs/class-type-jupyter-notebook.md",
       "redirect_url": "/azure/lab-services/class-type-jupyter-notebook",
@@ -26038,12 +26037,12 @@
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-javascript-client-libraries-legacy.md",
       "redirect_url": "/azure/storage/blobs/quickstart-blobs-javascript-browser",
       "redirect_document_id": false
-    },    
+    },
     {
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-nodejs-legacy.md",
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs",
       "redirect_document_id": false
-    },        
+    },
     {
       "source_path_from_root": "/articles/storage/blobs/storage-quickstart-blobs-nodejs-v10.md",
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs",
@@ -33299,7 +33298,7 @@
       "redirect_url": "https://azure.microsoft.com/services/cognitive-services/",
       "redirect_document_id": false
     },
-        {
+    {
       "source_path_from_root": "/articles/machine-learning/studio/whats-new.md",
       "redirect_url": "https://azure.microsoft.com/updates/?product=machine-learning-studio",
       "redirect_document_id": false
@@ -43955,34 +43954,94 @@
       "redirect_document_id": false
     },
     {
-    "source_path_from_root": "/articles/azure/virtual-desktop/azure-advisor.md",
-    "redirect_url": "/azure/advisor/advisor-overview",
-    "redirect_document_id": false
+      "source_path_from_root": "/articles/azure/virtual-desktop/azure-advisor.md",
+      "redirect_url": "/azure/advisor/advisor-overview",
+      "redirect_document_id": false
     },
     {
       "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-wpf-translation-csharp.md",
       "redirect_url": "/ai-builder/flow-text-translation?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
       "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-build-flask-app-translation-synthesis.md",
-        "redirect_url": "/learn/modules/translate-text-with-translator-service?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
-        "redirect_document_id": false
-      },
-      {
-        "source_path": "articles/machine-learning/classic/deploy-with-resource-manager-template.md",
-        "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-with-resource-manager-template",
-        "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/governance/policy/how-to/guest-configuration-create-group-policy.md",
-        "redirect_url": "/azure/governance/policy/how-to/guest-configuration-create",
-        "redirect_document_id": false
-      },
-      {
-        "source_path_from_root": "/articles/virtual-desktop/compare-virtual-desktop-windows-365.md",
-        "redirect_url": "/azure/virtual-desktop/overview",
-        "redirect_document_id": false
-      }
+    },
+    {
+      "source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-build-flask-app-translation-synthesis.md",
+      "redirect_url": "/learn/modules/translate-text-with-translator-service?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/machine-learning/classic/deploy-with-resource-manager-template.md",
+      "redirect_url": "/previous-versions/azure/machine-learning/classic/deploy-with-resource-manager-template",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/policy/how-to/guest-configuration-create-group-policy.md",
+      "redirect_url": "/azure/governance/policy/how-to/guest-configuration-create",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/virtual-desktop/compare-virtual-desktop-windows-365.md",
+      "redirect_url": "/azure/virtual-desktop/overview",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cis-azure-1-1-0.md",
+      "redirect_url": "/azure/governance/policy/samples/cis-azure-1-1-0",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cis-azure-1-3-0.md",
+      "redirect_url": "/azure/governance/policy/samples/cis-azure-1-3-0",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/cmmc-l3.md",
+      "redirect_url": "/azure/governance/policy/samples/cmmc-l3",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/hipaa-hitrust-9-2.md",
+      "redirect_url": "/azure/governance/policy/samples/hipaa-hitrust-9-2",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/irs-1075-sept2016",
+      "redirect_url": "/azure/governance/policy/samples/irs-1075-sept2016",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/nist-sp-800-171-r2",
+      "redirect_url": "/azure/governance/policy/samples/nist-sp-800-171-r2",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/control-mapping.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/deploy.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/media/index.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/control-mapping.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/deploy.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/governance/blueprints/samples/pci-dss-3.2.1/index.md",
+      "redirect_url": "/azure/governance/policy/samples",
+      "redirect_document_id": false
+    }
   ]
-}
+}
@@ -1,7 +1,7 @@
 ---
 title: Built-in policy definitions for Azure Active Directory Domain Services
 description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.
-ms.date: 02/15/2022
+ms.date: 03/08/2022
 ms.service: active-directory
 ms.subservice: domain-services
 author: justinha
 
@@ -6,11 +6,11 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 02/15/2022
+ms.date: 03/11/2022
 
 ms.author: justinha
 author: vimrang
-manager: daveba
+manager: karenhoran
 ms.reviewer: vimrang
 
 ms.collection: M365-identity-device-management
@@ -196,7 +196,7 @@ For the first test scenario, configure the authentication policy where the Issue
 
 ### Test multifactor authentication
 
-For the next test scenario, configure the authentication policy where the Issuer subject rule satisfies multifactor authentication.
+For the next test scenario, configure the authentication policy where the **policyOID** rule satisfies multifactor authentication.
 
 :::image type="content" border="true" source="./media/concept-certificate-based-authentication-technical-deep-dive/multifactor.png" alt-text="Screenshot of the Authentication policy configuration showing multifactor authentication required." lightbox="./media/concept-certificate-based-authentication-technical-deep-dive/multifactor.png":::  
 
 
@@ -127,8 +127,10 @@
       href: zero-trust-for-developers.md
     - name: Best practices for least privileged access for apps
       href: secure-least-privileged-access.md
-    - name: Security best practices for Azure AD application registration
+    - name: Security best practices for Azure AD app registration
       href: security-best-practices-for-app-registration.md
+    - name: Secure access control using groups in Azure AD
+      href: secure-group-access-control.md
   - name: Automatic user provisioning (SCIM)
     href: ../app-provisioning/user-provisioning.md?toc=/azure/active-directory/develop/toc.json&bc=/azure/active-directory/develop/breadcrumb/toc.json
   - name: Use the Microsoft Graph API
 
@@ -77,7 +77,7 @@ For additional changes you might need to make to your code, see the [migration g
 
 ## Disable implicit grant settings
 
-Once you've updated all your production applications that use this app registration and its client ID to MSAL 2.x and the authorization code flow, you should uncheck the implicit grant settings in the app registration.
+Once you've updated all your production applications that use this app registration and its client ID to MSAL 2.x and the authorization code flow, you should uncheck the implicit grant settings under the **Authentication** menu of the app registration.
 
 When you uncheck the implicit grant settings in the app registration, the implicit flow is disabled for all applications using registration and its client ID.
 
 
@@ -30,6 +30,7 @@ When your application is open in multiple tabs and you first sign in the user on
 By default, MSAL.js uses `sessionStorage`, which doesn't allow the session to be shared between tabs. To get SSO between tabs, make sure to set the `cacheLocation` in MSAL.js to `localStorage` as shown below.
 
 ```javascript
+
 const config = {
   auth: {
     clientId: "abcd-ef12-gh34-ikkl-ashdjhlhsdg",
@@ -39,7 +40,7 @@ const config = {
   },
 };
 
-const myMSALObj = new UserAgentApplication(config);
+const msalInstance = new msal.PublicClientApplication(config);
 ```
 
 ## SSO between apps
@@ -72,8 +73,7 @@ var request = {
   sid: sid,
 };
 
-userAgentApplication
-  .acquireTokenSilent(request)
+ msalInstance.acquireTokenSilent(request)
   .then(function (response) {
     const token = response.accessToken;
   })
@@ -95,7 +95,7 @@ var request = {
   extraQueryParameters: { domain_hint: "organizations" },
 };
 
-userAgentApplication.loginRedirect(request);
+ msalInstance.loginRedirect(request);
 ```
 
 To get the values for login_hint and domain_hint by reading the claims returned in the ID token for the user.
@@ -104,7 +104,7 @@ To get the values for login_hint and domain_hint by reading the claims returned
 
 - **domain_hint** is only required to be passed when using the /common authority. The domain hint is determined by tenant ID(tid). If the `tid` claim in the ID token is `9188040d-6c67-4c5b-b112-36a304b66dad` it's consumers. Otherwise, it's organizations.
 
-For more information about **login_hint** and **domain_hint**, see  [Implicit grant flow](v2-oauth2-implicit-grant-flow.md).
+For more information about **login_hint** and **domain_hint**, see [auth code grant](v2-oauth2-auth-code-flow.md).
 
 ## SSO without MSAL.js login
 
@@ -125,8 +125,7 @@ var request = {
   extraQueryParameters: { domain_hint: "organizations" },
 };
 
-userAgentApplication
-  .acquireTokenSilent(request)
+msalInstance.acquireTokenSilent(request)
   .then(function (response) {
     const token = response.accessToken;
   })
@@ -142,6 +141,7 @@ MSAL.js brings feature parity with ADAL.js for Azure AD authentication scenarios
 To take advantage of the SSO behavior when updating from ADAL.js, you'll need to ensure the libraries are using `localStorage` for caching tokens. Set the `cacheLocation` to `localStorage` in both the MSAL.js and ADAL.js configuration at initialization as follows:
 
 ```javascript
+
 // In ADAL.js
 window.config = {
   clientId: "g075edef-0efa-453b-997b-de1337c29185",
@@ -160,7 +160,7 @@ const config = {
   },
 };
 
-const myMSALObj = new UserAgentApplication(config);
+const msalInstance = new msal.PublicClientApplication(config);
 ```
 
 Once the `cacheLocation` is configured, MSAL.js can read the cached state of the authenticated user in ADAL.js and use that to provide SSO in MSAL.js.