Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into CarlRabeler1

Author: julieMSFT

.openpublishing.redirection.json

@@ -533,7 +533,7 @@
     },
     {
       "source_path": "articles/site-recovery/vmware-physical-mobility-service-install-manual.md",
-      "redirect_url": "/azure/site-recovery/vmware-physical-mobility-service-overview#install-mobility-agent-through-ui",
+      "redirect_url": "/azure/site-recovery/vmware-physical-mobility-service-overview#install-the-mobility-service-using-ui",
       "redirect_document_id": false
     },
     {

articles/active-directory/manage-apps/common-scenarios.md

@@ -85,7 +85,7 @@ Identity can only be your control plane if it can connect everything across clou
 
 - [Application management](https://docs.microsoft.com/azure/active-directory/manage-apps/index)
 - [Application provisioning](https://docs.microsoft.com/azure/active-directory/app-provisioning/user-provisioning)
-- [Hybrid secure access]()
+- [Hybrid secure access](https://docs.microsoft.com/azure/active-directory/manage-apps/secure-hybrid-access)
 - [Identity governance](https://docs.microsoft.com/azure/active-directory/governance/identity-governance-overview)
 - [Microsoft identity platform](https://docs.microsoft.com/azure/active-directory/develop/v2-overview)
 - [Identity security](https://docs.microsoft.com/azure/active-directory/conditional-access/index)

articles/active-directory/saas-apps/icims-tutorial.md

@@ -27,7 +27,7 @@ In this tutorial, you'll learn how to integrate ICIMS with Azure Active Director
 * Enable your users to be automatically signed-in to ICIMS with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
-To learn more about SaaS app integration with Azure AD, see [What is application access and single sign-on with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/what-is-single-sign-on).
+To learn more about SaaS app integration with Azure AD, see [What is application access and single sign-on with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/manage-apps/what-is-single-sign-on).
 
 ## Prerequisites
 
@@ -147,7 +147,7 @@ When you click the ICIMS tile in the Access Panel, you should be automatically s
 
 - [ List of Tutorials on How to Integrate SaaS Apps with Azure Active Directory ](https://docs.microsoft.com/azure/active-directory/active-directory-saas-tutorial-list)
 
-- [What is application access and single sign-on with Azure Active Directory? ](https://docs.microsoft.com/azure/active-directory/what-is-single-sign-on)
+- [What is application access and single sign-on with Azure Active Directory? ](https://docs.microsoft.com/azure/active-directory/manage-apps/what-is-single-sign-on)
 
 - [What is conditional access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
 

articles/active-directory/saas-apps/mongodb-cloud-tutorial.md

@@ -23,7 +23,7 @@ ms.collection: M365-identity-device-management
 
 In this tutorial, you'll learn how to integrate MongoDB Cloud with Azure Active Directory (Azure AD). When you integrate MongoDB Cloud with Azure AD, you can:
 
-* Control in Azure AD who has access to MongoDB Cloud.
+* Control in Azure AD who has access to MongoDB Cloud, MongoDB Atlas, the MongoDB Community, University, and Support.
 * Enable your users to be automatically signed-in to MongoDB Cloud with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
@@ -146,11 +146,11 @@ In this section, you'll enable B.Simon to use Azure single sign-on by granting a
 
 ## Configure MongoDB Cloud SSO
 
-To configure single sign-on on **MongoDB Cloud** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [MongoDB Cloud support team](https://support.mongodb.com/). They set this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on **MongoDB Cloud** side, you will need the appropriate URLs copied from the Azure portal, and you need to configure the Federation Application for your MongoDB Cloud Organization. Follow the instructions in the [MongoDB Cloud Docs](https://docs.atlas.mongodb.com/security/federated-authentication/index.html). If you encounter any issues, you can contact the [MongoDB Cloud support team](https://support.mongodb.com/) for assistance.
 
 ### Create MongoDB Cloud test user
 
-In this section, a user called Britta Simon is created in MongoDB Cloud. MongoDB Cloud supports just-in-time user provisioning, which is enabled by default. There is no action item for you in this section. If a user doesn't already exist in MongoDB Cloud, a new one is created after authentication.
+In this section, a user called B.Simon is created in MongoDB Cloud. MongoDB Cloud supports just-in-time user provisioning, which is enabled by default. There is no action item for you in this section. If a user doesn't already exist in MongoDB Cloud, a new one is created after authentication.
 
 ## Test SSO 
 
@@ -166,6 +166,8 @@ When you click the MongoDB Cloud tile in the Access Panel, you should be automat
 
 - [What is conditional access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
 
+- [Signup for MongoDB Atlas on Azure](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/mongodb.mongodb_atlas_azure_08082019?tab=Overview)
+
 - [Try MongoDB Cloud with Azure AD](https://aad.portal.azure.com/)
 
 - [What is session control in Microsoft Cloud App Security?](https://docs.microsoft.com/cloud-app-security/proxy-intro-aad)

articles/active-directory/saas-apps/nitro-productivity-suite-tutorial.md

@@ -34,7 +34,7 @@ To learn more about SaaS app integration with Azure AD, see [What is application
 To get started, you need the following items:
 
 * An Azure AD subscription. If you don't have a subscription, you can get a [free account](https://azure.microsoft.com/free/).
-* Nitro Productivity Suite single sign-on (SSO) enabled subscription.
+* A Nitro Productivity Suite [Enterprise subscription](https://www.gonitro.com/pricing).
 
 ## Scenario description
 
@@ -75,43 +75,59 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
 1. In the [Azure portal](https://portal.azure.com/), on the **Nitro Productivity Suite** application integration page, find the **Manage** section and select **single sign-on**.
 1. On the **Select a single sign-on method** page, select **SAML**.
-1. On the **Set up single sign-on with SAML** page, click the edit/pen icon for **Basic SAML Configuration** to edit the settings.
+1. On the **SAML Signing Certificate** section:
+
+    a. Find **Certificate (Base64)** and select **Download** to download the certificate and save it on your computer.
+
+	![The Certificate download link](common/certificatebase64.png)
+    
+1. On the **Set up Nitro Productivity Suite** section:
+
+    a. Click the copy icon beside **Login URL**
+    
+    ![Copy configuration URLs](common/copy-configuration-urls.png)
+    
+1. In the [Nitro Admin portal](https://admin.gonitro.com/), on the **Enterprise Settings** page find the **Single Sign-On** section and click the **Setup SAML SSO** button.
+
+	a. Paste the **Login URL** from the step above into the **Sign In URL** field.
+	
+	a. Upload the **Certificate (Base64)** from the earlier step above in the **X509 Signing Certificate** field.
+	
+	a. Click **Submit**
+	
+	a. Click **Enable Single Sign-On**
+
+
+1. Return to the [Azure portal](https://portal.azure.com/), on the **Set up single sign-on with SAML** page, click the edit/pen icon for **Basic SAML Configuration** to edit the settings.
 
    ![Edit Basic SAML Configuration](common/edit-urls.png)
 
 1. On the **Basic SAML Configuration** section, if you wish to configure the application in **IDP** initiated mode, enter the values for the following fields:
 
-    a. In the **Identifier** text box, type a URL using the following pattern:
+    a. In the **Identifier** text box, copy and paste the **SAML Entity ID** field from the [Nitro Admin portal](https://admin.gonitro.com/). It should have the following pattern:
     `urn:auth0:gonitro-prod:<ENVIRONMENT>`
 
-    b. In the **Reply URL** text box, type a URL using the following pattern:
+    b. In the **Reply URL** text box, copy and paste the **ACS URL** field from the [Nitro Admin portal](https://admin.gonitro.com/). It should have the following pattern:
     `https://gonitro-prod.eu.auth0.com/login/callback?connection=<ENVIRONMENT>`
 
 1. Click **Set additional URLs** and perform the following step if you wish to configure the application in **SP** initiated mode:
 
     In the **Sign-on URL** text box, type the URL:
     `https://sso.gonitro.com/login`
 
-	> [!NOTE]
-	> These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Nitro Productivity Suite Client support team](https://www.gonitro.com/support) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
+1. Click Save.
 
 1. Nitro Productivity Suite application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration. The following screenshot shows the list of default attributes.
 
 	![image](common/default-attributes.png)
 
-1. In addition to above, Nitro Productivity Suite application expects few more attributes to be passed back in SAML response which are shown below. These attributes are also pre populated but you can review them as per your requirements.
+1. In addition, the Nitro Productivity Suite application expects a few more attributes to be passed back in the SAML response, as shown in the following table. These attributes are prepopulated, but you can review them per your requirements.
 
 	| Name  |  Source Attribute|
-	| ---------------| --------------- | --------- |
+	| ---------------| --------------- |
 	| employeeNumber |  user.objectid |
 
-1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section,  find **Certificate (Base64)** and select **Download** to download the certificate and save it on your computer.
-
-	![The Certificate download link](common/certificatebase64.png)
-
-1. On the **Set up Nitro Productivity Suite** section, copy the appropriate URL(s) based on your requirement.
 
-	![Copy configuration URLs](common/copy-configuration-urls.png)
 ### Create an Azure AD test user
 
 In this section, you'll create a test user in the Azure portal called B.Simon.

articles/active-directory/saas-apps/opsgenie-tutorial.md

@@ -26,7 +26,7 @@ In this tutorial, you'll learn how to integrate OpsGenie with Azure Active Direc
 * Enable your users to be automatically signed-in to OpsGenie with their Azure AD accounts.
 * Manage your accounts in one central location - the Azure portal.
 
-To learn more about SaaS app integration with Azure AD, see [What is application access and single sign-on with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/what-is-single-sign-on).
+To learn more about SaaS app integration with Azure AD, see [What is application access and single sign-on with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/manage-apps/what-is-single-sign-on).
 
 ## Prerequisites
 
@@ -192,7 +192,7 @@ When you click the OpsGenie tile in the Access Panel, you should be automaticall
 
 - [ List of Tutorials on How to Integrate SaaS Apps with Azure Active Directory ](https://docs.microsoft.com/azure/active-directory/active-directory-saas-tutorial-list)
 
-- [What is application access and single sign-on with Azure Active Directory? ](https://docs.microsoft.com/azure/active-directory/what-is-single-sign-on)
+- [What is application access and single sign-on with Azure Active Directory? ](https://docs.microsoft.com/azure/active-directory/manage-apps/what-is-single-sign-on)
 
 - [What is conditional access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
 

articles/aks/virtual-nodes-portal.md

@@ -62,7 +62,7 @@ Virtual Nodes functionality is heavily dependent on ACI's feature set. The follo
 * [Host aliases](https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/)
 * [Arguments](../container-instances/container-instances-exec.md#restrictions) for exec in ACI
 * [DaemonSets](concepts-clusters-workloads.md#statefulsets-and-daemonsets) will not deploy pods to the virtual node
-* [Windows Server nodes (currently in preview in AKS)](windows-container-cli.md) are not supported alongside virtual nodes. You can use virtual nodes to schedule Windows Server containers without the need for Windows Server nodes in an AKS cluster.
+* Virtual nodes support scheduling Linux pods. You can manually install the open source [Virtual Kubelet ACI](https://github.com/virtual-kubelet/azure-aci) provider to schedule Windows Server containers to ACI. 
 
 ## Sign in to Azure
 

articles/api-management/api-management-configuration-repository-git.md

@@ -51,7 +51,7 @@ To view and configure your Git configuration settings, you can click the **Secur
 >
 >
 
-For information on enabling or disabling Git access using the REST API, see [Enable or disable Git access using the REST API](/rest/api/apimanagement/2019-01-01/tenantaccess?EnableGit).
+For information on enabling or disabling Git access using the REST API, see [Enable or disable Git access using the REST API](/rest/api/apimanagement/2019-12-01/tenantaccess?EnableGit).
 
 ## To save the service configuration to the Git repository
 
@@ -63,7 +63,7 @@ After a few moments the configuration is saved, and the configuration status of
 
 Once the configuration is saved to the repository, it can be cloned.
 
-For information on performing this operation using the REST API, see [Commit configuration snapshot using the REST API](/rest/api/apimanagement/2019-01-01/tenantaccess?CommitSnapshot).
+For information on performing this operation using the REST API, see [Commit configuration snapshot using the REST API](/rest/api/apimanagement/2019-12-01/tenantaccess?CommitSnapshot).
 
 ## To clone the repository to your local machine
 
@@ -137,7 +137,7 @@ git push
 
 Once your local changes are committed and pushed to the server repository, you can deploy them to your API Management service instance.
 
-For information on performing this operation using the REST API, see [Deploy Git changes to configuration database using the REST API](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/tenantconfiguration).
+For information on performing this operation using the REST API, see [Deploy Git changes to configuration database using the REST API](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/tenantconfiguration).
 
 ## File and folder structure reference of local Git repository
 
@@ -167,9 +167,9 @@ These files can be created, deleted, edited, and managed on your local file syst
 > [!NOTE]
 > The following entities are not contained in the Git repository and cannot be configured using Git.
 >
-> * [Users](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/user)
-> * [Subscriptions](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/subscription)
-> * [Named Values](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/property)
+> * [Users](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/user)
+> * [Subscriptions](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/subscription)
+> * [Named Values](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/property)
 > * Developer portal entities other than styles
 >
 
@@ -217,14 +217,14 @@ The final setting, `$ref-policy`, maps to the global policy statements file for
 ### apis folder
 The `apis` folder contains a folder for each API in the service instance, which contains the following items.
 
-* `apis\<api name>\configuration.json` - this is the configuration for the API and contains information about the backend service URL and the operations. This is the same information that would be returned if you were to call [Get a specific API](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/apis/get) with `export=true` in `application/json` format.
+* `apis\<api name>\configuration.json` - this is the configuration for the API and contains information about the backend service URL and the operations. This is the same information that would be returned if you were to call [Get a specific API](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/apis/get) with `export=true` in `application/json` format.
 * `apis\<api name>\api.description.html` - this is the description of the API and corresponds to the `description` property of the [API entity](https://docs.microsoft.com/java/api/com.microsoft.azure.storage.table.entityproperty).
 * `apis\<api name>\operations\` - this folder contains `<operation name>.description.html` files that map to the operations in the API. Each file contains the description of a single operation in the API, which maps to the `description` property of the [operation entity](https://docs.microsoft.com/rest/api/visualstudio/operations/list#operationproperties) in the REST API.
 
 ### groups folder
 The `groups` folder contains a folder for each group defined in the service instance.
 
-* `groups\<group name>\configuration.json` - this is the configuration for the group. This is the same information that would be returned if you were to call the [Get a specific group](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/group/get) operation.
+* `groups\<group name>\configuration.json` - this is the configuration for the group. This is the same information that would be returned if you were to call the [Get a specific group](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/group/get) operation.
 * `groups\<group name>\description.html` - this is the description of the group and corresponds to the `description` property of the [group entity](https://docs.microsoft.com/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-group-entity).
 
 ### policies folder
@@ -244,7 +244,7 @@ The `portalStyles` folder contains configuration and style sheets for developer
 ### products folder
 The `products` folder contains a folder for each product defined in the service instance.
 
-* `products\<product name>\configuration.json` - this is the configuration for the product. This is the same information that would be returned if you were to call the [Get a specific product](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/product/get) operation.
+* `products\<product name>\configuration.json` - this is the configuration for the product. This is the same information that would be returned if you were to call the [Get a specific product](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/product/get) operation.
 * `products\<product name>\product.description.html` - this is the description of the product and corresponds to the `description` property of the [product entity](https://docs.microsoft.com/rest/api/apimanagement/apimanagementrest/azure-api-management-rest-api-product-entity) in the REST API.
 
 ### templates

articles/api-management/api-management-howto-add-products.md

@@ -81,7 +81,7 @@ Developers must first subscribe to a product to get access to the API. When they
 4. Choose an API and click **Select**.
 
 > [!TIP]
-> You can create or update user's subscription to a *Product* with custom subscription keys [through REST API](https://docs.microsoft.com/rest/api/apimanagement/2019-01-01/subscription/createorupdate) or PowerShell command.
+> You can create or update user's subscription to a *Product* with custom subscription keys [through REST API](https://docs.microsoft.com/rest/api/apimanagement/2019-12-01/subscription/createorupdate) or PowerShell command.
 
 ## Next steps