Merge pull request #214732 from MicrosoftDocs/main

10/17 AM Publish

Author: huypub

.openpublishing.redirection.baremetal-infrastructure.json

@@ -49,7 +49,87 @@
             "source_path": "articles/baremetal-infrastructure/workloads/nc2-public-preview/use-cases-and-supported-scenarios.md",
             "redirect_url": "/azure/baremetal-infrastructure/workloads/nc2-on-azure/use-cases-and-supported-scenarios",
             "redirect_document_id": false
-        }                                  
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/concepts-oracle-high-availability.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },  
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/options-considerations-high-availability.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/configure-snapcenter-oracle-baremetal.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },  
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/create-on-demand-backup-oracle-baremetal.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },  
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/netapp-snapcenter-integration-oracle-baremetal.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },  
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-architecture.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-ethernet.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },   
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-overview.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-patching.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-provision.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-skus.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-baremetal-storage.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/oracle-high-availability-recovery.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/restore-oracle-database-baremetal.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },    
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/set-up-snapcenter-to-route-traffic.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        },
+        {
+            "source_path": "articles/baremetal-infrastructure/workloads/oracle/high-availability-features.md",
+            "redirect_url": "/azure/virtual-machines/workloads/oracle/oracle-overview",
+            "redirect_document_id": false
+        }                     
     ]
 }
 

.openpublishing.redirection.json

@@ -28773,6 +28773,11 @@
             "source_path": "articles/aks/keda-troubleshoot.md",
             "redirect_url": "/troubleshoot/azure/azure-kubernetes/troubleshoot-kubernetes-event-driven-autoscaling-add-on?context=/azure/aks/context/aks-context",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/virtual-machines/windows/using-visual-studio-vm.md",
+            "redirect_url": "/visualstudio/install/using-visual-studio-vm",
+            "redirect_document_id": false
         }
 
     ]

.openpublishing.redirection.virtual-desktop.json

@@ -30,11 +30,6 @@
             "redirect_url": "/azure/virtual-desktop/rdp-shortpath",
             "redirect_document_id": false
         },
-        {
-            "source_path_from_root": "/articles/virtual-machines/windows/using-visual-studio-vm.md",
-            "redirect_url": "/visualstudio/install/using-visual-studio-vm",
-            "redirect_document_id": false
-        },
         {
             "source_path": "articles/virtual-desktop/azure-stack-hci-faq.yml",
             "redirect_url": "/azure/virtual-desktop/azure-stack-hci",

articles/active-directory/conditional-access/concept-conditional-access-cloud-apps.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 08/09/2022
+ms.date: 09/14/2022
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -21,7 +21,7 @@ Cloud apps, actions, and authentication context are key signals in a Conditional
 
 - Administrators can choose from the list of applications that include built-in Microsoft applications and any [Azure AD integrated applications](../manage-apps/what-is-application-management.md) including gallery, non-gallery, and applications published through [Application Proxy](../app-proxy/what-is-application-proxy.md).
 - Administrators may choose to define policy not based on a cloud application but on a [user action](#user-actions) like **Register security information** or **Register or join devices**, allowing Conditional Access to enforce controls around those actions.
-- Administrators can use [authentication context](#authentication-context-preview) to provide an extra layer of security in applications. 
+- Administrators can use [authentication context](#authentication-context) to provide an extra layer of security in applications. 
 
 ![Define a Conditional Access policy and specify cloud apps](./media/concept-conditional-access-cloud-apps/conditional-access-cloud-apps-or-actions.png)
 
@@ -185,7 +185,7 @@ User actions are tasks that can be performed by a user. Currently, Conditional A
    - `Client apps`, `Filters for devices` and `Device state` conditions aren't available with this user action since they're dependent on Azure AD device registration to enforce Conditional Access policies.
    - When a Conditional Access policy is enabled with this user action, you must set **Azure Active Directory** > **Devices** > **Device Settings** - `Devices to be Azure AD joined or Azure AD registered require Multi-Factor Authentication` to **No**. Otherwise, the Conditional Access policy with this user action isn't properly enforced. More information about this device setting can found in [Configure device settings](../devices/device-management-azure-portal.md#configure-device-settings). 
 
-## Authentication context (Preview)
+## Authentication context
 
 Authentication context can be used to further secure data and actions in applications. These applications can be your own custom applications, custom line of business (LOB) applications, applications like SharePoint, or applications protected by Microsoft Defender for Cloud Apps. 
 
@@ -197,11 +197,7 @@ Authentication contexts are managed in the Azure portal under **Azure Active Dir
 
 ![Manage authentication context in the Azure portal](./media/concept-conditional-access-cloud-apps/conditional-access-authentication-context-get-started.png)
 
-> [!WARNING]
-> * Deleting authentication context definitions is not possible during the preview. 
-> * The preview is limited to a total of 25 authentication context definitions in the Azure portal.
-
-Create new authentication context definitions by selecting **New authentication context** in the Azure portal. Configure the following attributes:
+Create new authentication context definitions by selecting **New authentication context** in the Azure portal. Organizations are limited to a total of 25 authentication context definitions. Configure the following attributes:
 
 - **Display name** is the name that is used to identify the authentication context in Azure AD and across applications that consume authentication contexts. We recommend names that can be used across resources, like "trusted devices", to reduce the number of authentication contexts needed. Having a reduced set limits the number of redirects and provides a better end to end-user experience.
 - **Description** provides more information about the policies it's used by Azure AD administrators and those applying authentication contexts to resources.
@@ -214,6 +210,12 @@ Administrators can select published authentication contexts in their Conditional
 
 :::image type="content" source="media/concept-conditional-access-cloud-apps/conditional-access-authentication-context-in-policy.png" alt-text="Adding a Conditional Access authentication context to a policy":::
 
+#### Delete an authentication context 
+
+When you delete an authentication context, make sure no applications are still using it. Otherwise access to app data will no longer be protected. You can confirm this prerequisite by checking sign-in logs for cases when the authentication context Conditional Access policies are being applied. 
+
+To delete an authentication context, it must have no assigned Conditional Access policies and must not be published to apps. This requirement helps prevent the accidental deletion of an authentication context that is still in use. 
+
 ### Tag resources with authentication contexts 
 
 For more information about authentication context use in applications, see the following articles.

articles/active-directory/develop/developer-guide-conditional-access-authentication-context.md

@@ -19,7 +19,7 @@ ms.custom: aaddev
 ---
 # Developer guide to Conditional Access authentication context
 
-[Conditional Access](../conditional-access/overview.md) is the Zero Trust control plane that allows you to target policies for access to all your apps – old or new, private, or public, on-premises, or multi-cloud. With [Conditional Access authentication context](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context-preview), you can apply different policies within those apps.
+[Conditional Access](../conditional-access/overview.md) is the Zero Trust control plane that allows you to target policies for access to all your apps – old or new, private, or public, on-premises, or multi-cloud. With [Conditional Access authentication context](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context), you can apply different policies within those apps.
 
 Conditional Access authentication context (auth context) allows you to apply granular policies to sensitive data and actions instead of just at the app level. You can refine your Zero Trust policies for least privileged access while minimizing user friction and keeping users more productive and your resources more secure. Today, it can be used by applications using [OpenId Connect](https://openid.net/specs/openid-connect-core-1_0.html) for authentication developed by your company to protect sensitive resources, like high-value transactions or viewing employee personal data.
 
@@ -221,7 +221,7 @@ Do not use auth context where the app itself is going to be a target of Conditio
 - [Granular Conditional Access for sensitive data and actions (Blog)](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/granular-conditional-access-for-sensitive-data-and-actions/ba-p/1751775)
 - [Zero trust with the Microsoft Identity platform](/security/zero-trust/identity-developer)
 - [Building Zero Trust ready apps with the Microsoft identity platform](/security/zero-trust/identity-developer)
-- [Conditional Access authentication context](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context-preview)
+- [Conditional Access authentication context](../conditional-access/concept-conditional-access-cloud-apps.md#authentication-context)
 - [authenticationContextClassReference resource type - MS Graph](/graph/api/conditionalaccessroot-list-authenticationcontextclassreferences)
 - [Claims challenge, claims request, and client capabilities in the Microsoft identity platform](claims-challenge.md)
 - [Using authentication context with Microsoft Purview Information Protection and SharePoint](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites#more-information-about-the-dependencies-for-the-authentication-context-option)

articles/active-directory/develop/msal-js-sso.md

@@ -39,6 +39,8 @@ const config = {
 const msalInstance = new msal.PublicClientApplication(config);
 ```
 
+In this case, application instances in different browser tabs make use of the same MSAL cache, thus sharing the authentication state between them.
+
 ## SSO between different apps
 
 When a user authenticates, a session cookie is set on the Azure AD domain in the browser. MSAL.js relies on this session cookie to provide SSO for the user between different applications. MSAL.js also caches the ID tokens and access tokens of the user in the browser storage per application domain.
@@ -47,7 +49,7 @@ MSAL.js offers the `ssoSilent` method to sign-in the user and obtain tokens with
 
 ### With user hint
 
-To improve performance and ensure that the authorization server will look for the correct account session. You can pass one of the following options in the request object of the `ssoSilent` method to obtain the token silently.
+To improve performance and ensure that the authorization server will look for the correct account session, you can pass one of the following options in the request object of the `ssoSilent` method to obtain the token silently.
 
 - Session ID `sid` (which can be retrieved from `idTokenClaims` of an `account` object)
 - `login_hint` (which can be retrieved from the `account` object username property or the `upn` claim in the ID token)
@@ -181,7 +183,7 @@ For better performance and to help avoid issues, set the `redirectUri` to a blan
 InteractionRequiredAuthError: login_required: AADSTS50058: A silent sign-in request was sent but no user is signed in. The cookies used to represent the user's session were not sent in the request to Azure AD
 ```
 
-To resolve the error, the user must create an interactive authentication request using the `loginPopup()` or `loginRedirect()`.
+To resolve the error, the user must create an interactive authentication request using the `loginPopup()` or `loginRedirect()`. In some cases, the prompt value **none** can be used together with an interactive MSAL.js method to achieve SSO. See [Interactive requests with prompt=none](msal-js-prompt-behavior.md#interactive-requests-with-promptnone) for more.
 
 Additionally, the request object is required when using the **silent** methods. If you already have the user's sign-in information, you can pass either the `loginHint` or `sid` optional parameters to sign-in a specific account.
 
@@ -220,6 +222,6 @@ Once the `cacheLocation` is configured, MSAL.js can read the cached state of the
 
 For more information about SSO, see:
 
-- [Single Sign-on SAML protocol](single-sign-on-saml-protocol.md)
+- [MSAL.js prompt behavior](msal-js-prompt-behavior.md)
 - [Optional token claims](active-directory-optional-claims.md)
 - [Configurable token lifetimes](active-directory-configurable-token-lifetimes.md)