Merge branch 'master' of github.com:microsoftdocs/azure-docs-pr into encryption-update

Author: Larry Franks

.openpublishing.redirection.json

@@ -3930,6 +3930,61 @@
       "redirect_url": "/azure/architecture/cloud-adoption-guide/subscription-governance",
       "redirect_document_id": true
     },
+    {
+      "source_path": "articles/azure-supportability/index.yml",
+      "redirect_url": "/azure/azure-portal/supportability/how-to-create-azure-support-request",
+      "redirect_document_id": false
+    },
+	    {
+      "source_path": "articles/azure-supportability/classic-deployment-model-quota-increase-requests.md",
+      "redirect_url": "/azure/azure-portal/supportability/classic-deployment-model-quota-increase-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/create-manage-support-requests-using-access-control.md",
+      "redirect_url": "/azure/azure-portal/supportability/how-to-create-azure-support-request#role-based-access-control",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/how-to-create-azure-support-request.md",
+      "redirect_url": "/azure/azure-portal/supportability/how-to-create-azure-support-request",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/how-to-use-file-uploader.md",
+      "redirect_url": "/azure/azure-portal/supportability/how-to-use-file-uploader",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/low-priority-quota.md",
+      "redirect_url": "/azure/azure-portal/supportability/low-priority-quota",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/networking-quota-requests.md",
+      "redirect_url": "/azure/azure-portal/supportability/networking-quota-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/per-vm-quota-requests.md",
+      "redirect_url": "/azure/azure-portal/supportability/per-vm-quota-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/regional-quota-requests.md",
+      "redirect_url": "/azure/azure-portal/supportability/regional-quota-requests",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "articles/azure-supportability/resource-manager-core-quotas-request.md",
+      "redirect_url": "/azure/azure-portal/supportability/resource-manager-core-quotas-request",
+      "redirect_document_id": true
+    },
+	    {
+      "source_path": "articles/azure-supportability/sku-series-unavailable.md",
+      "redirect_url": "/azure/azure-portal/supportability/sku-series-unavailable",
+      "redirect_document_id": true
+    },
     {
       "source_path": "articles/azure-toolkit-for-eclipse-debugging-azure-applications.md",
       "redirect_url": "/java/azure/eclipse/azure-toolkit-for-eclipse",
@@ -24605,6 +24660,16 @@
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-java",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/storage/blobs/storage-quickstart-blobs-nodejs-v10.md",
+      "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs-legacy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/storage/blobs/storage-quickstart-blobs-javascript-client-libraries-v10.md",
+      "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-javascript-client-libraries-legacy",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/storage/blobs/storage-nodejs-how-to-use-blob-storage.md",
       "redirect_url": "/azure/storage/blobs/storage-quickstart-blobs-nodejs",
@@ -40879,11 +40944,6 @@
       "redirect_url": "/azure/azure-monitor/platform/data-platform",
       "redirect_document_id": false
     },
-    {
-      "source_path": "articles/azure-monitor/platform/data-sources-reference.md",
-      "redirect_url": "/azure/azure-monitor/platform/data-sources",
-      "redirect_document_id": false
-    },
     {
       "source_path": "articles/azure-monitor/platform/collect-activity-logs-subscriptions.md",
       "redirect_url": "/azure/azure-monitor/platform/activity-log-collect-tenants",

CODEOWNERS

@@ -1,24 +1,17 @@
 # Testing the new code owners feature in GitHub. Please contact Cory Fowler if you have questions.
-# articles/storage/  @tamram @robinsh
-# articles/virtual-machines/  @iainfoulds @cynthn
-# articles/virtual-machines/linux/  @iainfoulds @cynthn
-# articles/virtual-machines/windows/  @iainfoulds @cynthn
-# articles/application-insights/  @SergeyKanzhelev
-# articles/cosmos-db/ @mimig1
-
-# All Articles
-articles/ @apex-docs-pr-reviewers
-
 # Cognitive Services
 articles/cognitive-services/ @diberry @erhopf, @nitinme
 
 # DevOps
-
 articles/ansible/ @TomArcherMsft
 articles/chef/ @TomArcherMsft
 articles/jenkins/ @TomArcherMsft
 articles/terraform/ @TomArcherMsft
 
 # Governance
-
 articles/governance/ @DCtheGeek
+
+# Configuration
+*.json @SyntaxC4 @snoviking @arob98
+.acrolinx-config.edn @MonicaRush @arob98
+articles/zone-pivot-groups.yml @SyntaxC4 @snoviking @arob98

articles/active-directory-b2c/active-directory-b2c-reference-oidc.md

@@ -20,7 +20,7 @@ OpenID Connect is an authentication protocol, built on top of OAuth 2.0, that ca
 
 [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) extends the OAuth 2.0 *authorization* protocol for use as an *authentication* protocol. This authentication protocol allows you to perform single sign-on. It introduces the concept of an *ID token*, which allows the client to verify the identity of the user and obtain basic profile information about the user.
 
-Because it extends OAuth 2.0, it also enables applications to securely acquire *access tokens*. You can use access tokens to access resources that are secured by an [authorization server](active-directory-b2c-reference-protocols.md). OpenID Connect is recommended if you're building a web application that's hosted on a server and accessed through a browser. If you want to add identity management to your mobile or desktop applications using Azure AD B2C, you should use [OAuth 2.0](active-directory-b2c-reference-oauth-code.md) rather than OpenID Connect. For more information about tokens, see the [Overview of tokens in Azure Active Directory B2C](active-directory-b2c-reference-tokens.md)
+Because it extends OAuth 2.0, it also enables applications to securely acquire *access tokens*. You can use access tokens to access resources that are secured by an [authorization server](active-directory-b2c-reference-protocols.md). OpenID Connect is recommended if you're building a web application that's hosted on a server and accessed through a browser. For more information about tokens, see the [Overview of tokens in Azure Active Directory B2C](active-directory-b2c-reference-tokens.md)
 
 Azure AD B2C extends the standard OpenID Connect protocol to do more than simple authentication and authorization. It introduces the [user flow parameter](active-directory-b2c-reference-policies.md), which enables you to use OpenID Connect to add user experiences to your application, such as sign-up, sign-in, and profile management.
 

articles/active-directory/authentication/howto-password-ban-bad-on-premises-deploy.md

@@ -31,7 +31,7 @@ During the audit stage, many organizations find out that:
 
 It is also possible for stronger password validation to affect your existing Active Directory domain controller deployment automation. We recommend that at least one DC promotion and one DC demotion happen during the audit period evaluation in order to help uncover such issues in advance.  For more information, see:
 
-* [Ntdsutil.exe is unable to set a weak Directory Services Repair Mode password](howto-password-ban-bad-on-premises-troubleshoot.md##ntdsutilexe-fails-to-set-a-weak-dsrm-password)
+* [Ntdsutil.exe is unable to set a weak Directory Services Repair Mode password](howto-password-ban-bad-on-premises-troubleshoot.md#ntdsutilexe-fails-to-set-a-weak-dsrm-password)
 * [Domain controller replica promotion fails because of a weak Directory Services Repair Mode password](howto-password-ban-bad-on-premises-troubleshoot.md#domain-controller-replica-promotion-fails-because-of-a-weak-dsrm-password)
 * [Domain controller demotion fails due to a weak local Administrator password](howto-password-ban-bad-on-premises-troubleshoot.md#domain-controller-demotion-fails-due-to-a-weak-local-administrator-password)
 

articles/active-directory/b2b/direct-federation.md

@@ -80,8 +80,7 @@ First, your partner organization needs to configure their identity provider with
 Azure AD B2B can be configured to federate with identity providers that use the SAML protocol with specific requirements listed below. For more information about setting up a trust between your SAML identity provider and Azure AD, see  [Use a SAML 2.0 Identity Provider (IdP) for Single Sign-On](https://docs.microsoft.com/azure/active-directory/hybrid/how-to-connect-fed-saml-idp).  
 
 > [!NOTE]
-> NOTE
-The target domain for direct federation must not be DNS-verified on Azure AD. The authentication URL domain must match the target domain or it must be the domain of an allowed identity provider. See the [Limitations](#limitations) section for details. 
+> The target domain for direct federation must not be DNS-verified on Azure AD. The authentication URL domain must match the target domain or it must be the domain of an allowed identity provider. See the [Limitations](#limitations) section for details. 
 
 #### Required SAML 2.0 attributes and claims
 The following tables show requirements for specific attributes and claims that must be configured at the third-party identity provider. To set up direct federation, the following attributes must be received in the SAML 2.0 response from the identity provider. These attributes can be configured by linking to the online security token service XML file or by entering them manually.

articles/active-directory/develop/howto-add-app-roles-in-azure-ad-apps.md

@@ -33,9 +33,9 @@ These application roles are defined in the [Azure portal](https://portal.azure.c
 ### Declare app roles using Azure portal
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
-1. On the top bar, select your account, and then **Switch Directory**.
-1. Once the **Directory + subscription** pane opens, choose the Active Directory tenant where you wish to register your application, from the **Favorites** or **All Directories** list.
-1. Select **All services** in the left-hand nav, and choose **Azure Active Directory**.
+1. Select the **Directory + Subscription** icon in the portal toolbar.
+1. In the **Favorites** or **All Directories** list, choose the Active Directory tenant where you wish to register your application.
+1. In the Azure portal, search for and select **Azure Active Directory**.
 1. In the  **Azure Active Directory** pane, select **App registrations** to view a list of all your applications.
 1. Select the application you want to define app roles in. Then select **Manifest**.
 1. Edit the app manifest by locating the `appRoles` setting and adding all your Application Roles.

articles/active-directory/develop/reference-v2-libraries.md

@@ -104,7 +104,7 @@ For any standards-compliant library, you can use the Microsoft identity platform
 * For issues and new feature requests in library code, contact the library owner.
 * For issues and new feature requests in the service-side protocol implementation, contact Microsoft.
 * [File a feature request](https://feedback.azure.com/forums/169401-azure-active-directory) for additional features you want to see in the protocol.
-* [Create a support request](https://docs.microsoft.com/azure/azure-supportability/how-to-create-azure-support-request) if you find an issue where the Microsoft identity platform endpoint isn't compliant with OAuth 2.0 or OpenID Connect 1.0.
+* [Create a support request](https://docs.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request) if you find an issue where the Microsoft identity platform endpoint isn't compliant with OAuth 2.0 or OpenID Connect 1.0.
 
 ## Related content
 

articles/active-directory/devices/troubleshoot-hybrid-join-windows-current.md

@@ -244,7 +244,7 @@ Applicable only for federated domain accounts.
 Reasons for failure:
 
 - Unable to get an Access token silently for DRS resource.
-   - Windows 10 devices acquire auth token from the federation service using Integrated Windows Authentication to an active WS-Trust endpoint. Details: [Federation Service Configuration](hybrid-azuread-join-manual.md##set-up-issuance-of-claims)
+   - Windows 10 devices acquire auth token from the federation service using Integrated Windows Authentication to an active WS-Trust endpoint. Details: [Federation Service Configuration](hybrid-azuread-join-manual.md#set-up-issuance-of-claims)
 
 **Common error codes:**
 

articles/active-directory/hybrid/how-to-connect-install-custom.md

@@ -77,7 +77,7 @@ After entering the forest name and clicking  **Add Directory**, a pop-up dialog
 | Option | Description |
 | --- | --- |
 | Create new account | Select this option if you want Azure AD Connect wizard to create the AD DS account required by Azure AD Connect for connecting to the AD forest during directory synchronization. When this option is selected, enter the username and password for an enterprise admin account. The enterprise admin account provided will be used by Azure AD Connect wizard to create the required AD DS account. You can enter the domain part in either NetBios or FQDN format, that is, FABRIKAM\administrator or fabrikam.com\administrator. |
-| Use existing account | Select this option if you want to provide an existing AD DS account to be used Azure AD Connect for connecting to the AD forest during directory synchronization. You can enter the domain part in either NetBios or FQDN format, that is, FABRIKAM\syncuser or fabrikam.com\syncuser. This account can be a regular user account because it only needs the default read permissions. However, depending on your scenario, you may need more permissions. For more information, see [Azure AD Connect Accounts and permissions](reference-connect-accounts-permissions.md##create-the-ad-ds-connector-account). |
+| Use existing account | Select this option if you want to provide an existing AD DS account to be used Azure AD Connect for connecting to the AD forest during directory synchronization. You can enter the domain part in either NetBios or FQDN format, that is, FABRIKAM\syncuser or fabrikam.com\syncuser. This account can be a regular user account because it only needs the default read permissions. However, depending on your scenario, you may need more permissions. For more information, see [Azure AD Connect Accounts and permissions](reference-connect-accounts-permissions.md#create-the-ad-ds-connector-account). |
 
 ![Connect Directory](./media/how-to-connect-install-custom/connectdir02.png)
 

articles/active-directory/hybrid/how-to-connect-sso-quick-start.md

@@ -208,7 +208,7 @@ To test the feature for a specific user, ensure that all the following condition
   - The user signs in on a corporate device.
   - The device is joined to your Active Directory domain. The device _doesn't_ need to be [Azure AD Joined](../active-directory-azureadjoin-overview.md).
   - The device has a direct connection to your domain controller (DC), either on the corporate wired or wireless network or via a remote access connection, such as a VPN connection.
-  - You have [rolled out the feature](##step-3-roll-out-the-feature) to this user through Group Policy.
+  - You have [rolled out the feature](#step-3-roll-out-the-feature) to this user through Group Policy.
 
 To test the scenario where the user enters only the username, but not the password:
    - Sign in to `https://myapps.microsoft.com/` in a new private browser session.