Skip to content

Commit fc75124

Browse files
ajburnleajburnle
committed
Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr into azuread-fundamentals-whatsnewjan22
2 parents 6e86885 + 2ab9042 commit fc75124

File tree

569 files changed

+10674
-5501
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

569 files changed

+10674
-5501
lines changed

.openpublishing.publish.config.json

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -800,7 +800,13 @@
800800
"url": "https://github.com/Azure-Samples/msdocs-python-django-webapp-quickstart",
801801
"branch": "main",
802802
"branch_mapping": {}
803-
}
803+
},
804+
{
805+
"path_to_root": "msdocs-nodejs-mongodb-azure-sample-app",
806+
"url": "https://github.com/Azure-Samples/msdocs-nodejs-mongodb-azure-sample-app",
807+
"branch": "main",
808+
"branch_mapping": {}
809+
}
804810
],
805811
"branch_target_mapping": {
806812
"live": [

.openpublishing.redirection.active-directory.json

Lines changed: 105 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -740,6 +740,111 @@
740740
"redirect_url": "/visualstudio/azure/vs-active-directory-webapi-what-happened",
741741
"redirect_document_id": false
742742
},
743+
{
744+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-javascript-auth-code-angular.md",
745+
"redirect_url": "/azure/active-directory/develop/single-page-app-quickstart?pivots=devlang-angular",
746+
"redirect_document_id": false
747+
},
748+
{
749+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-javascript-auth-code.md",
750+
"redirect_url": "/azure/active-directory/develop/single-page-app-quickstart?pivots=devlang-javascript",
751+
"redirect_document_id": false
752+
},
753+
{
754+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-javascript-auth-code-react.md",
755+
"redirect_url": "/azure/active-directory/develop/single-page-app-quickstart?pivots=devlang-react",
756+
"redirect_document_id": false
757+
},
758+
{
759+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-aspnet-webapp.md",
760+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-aspnet",
761+
"redirect_document_id": false
762+
},
763+
{
764+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-aspnet-core-webapp.md",
765+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-aspnet-core",
766+
"redirect_document_id": false
767+
},
768+
{
769+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-aspnet-core-webapp-calls-graph.md",
770+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-aspnet-core",
771+
"redirect_document_id": false
772+
},
773+
{
774+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-nodejs-webapp-msal.md",
775+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-nodejs-msal",
776+
"redirect_document_id": false
777+
},
778+
{
779+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-nodejs-webapp.md",
780+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-nodejs-passport",
781+
"redirect_document_id": false
782+
},
783+
{
784+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-java-webapp.md",
785+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-java",
786+
"redirect_document_id": false
787+
},
788+
{
789+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-python-webapp.md",
790+
"redirect_url": "/azure/active-directory/develop/web-app-quickstart?pivots=devlang-python",
791+
"redirect_document_id": false
792+
},
793+
{
794+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-dotnet-native-aspnet.md",
795+
"redirect_url": "/azure/active-directory/develop/web-api-quickstart?pivots=devlang-aspnet",
796+
"redirect_document_id": false
797+
},
798+
{
799+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-aspnet-core-web-api.md",
800+
"redirect_url": "/azure/active-directory/develop/web-api-quickstart?pivots=devlang-aspnet-core",
801+
"redirect_document_id": false
802+
},
803+
{
804+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-android.md",
805+
"redirect_url": "/azure/active-directory/develop/mobile-app-quickstart?pivots=devlang-android",
806+
"redirect_document_id": false
807+
},
808+
{
809+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-ios.md",
810+
"redirect_url": "/azure/active-directory/develop/mobile-app-quickstart?pivots=devlang-ios",
811+
"redirect_document_id": false
812+
},
813+
{
814+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-uwp.md",
815+
"redirect_url": "/azure/active-directory/develop/desktop-app-quickstart?pivots=devlang-uwp",
816+
"redirect_document_id": false
817+
},
818+
{
819+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-windows-desktop.md",
820+
"redirect_url": "/azure/active-directory/develop/desktop-app-quickstart?pivots=devlang-windows-desktop",
821+
"redirect_document_id": false
822+
},
823+
{
824+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-nodejs-desktop.md",
825+
"redirect_url": "/azure/active-directory/develop/desktop-app-quickstart?pivots=devlang-nodejs-electron",
826+
"redirect_document_id": false
827+
},
828+
{
829+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-netcore-daemon.md",
830+
"redirect_url": "/azure/active-directory/develop/console-app-quickstart?pivots=devlang-dotnet-core",
831+
"redirect_document_id": false
832+
},
833+
{
834+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-python-daemon.md",
835+
"redirect_url": "/azure/active-directory/develop/console-app-quickstart?pivots=devlang-python",
836+
"redirect_document_id": false
837+
},
838+
{
839+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-nodejs-console.md",
840+
"redirect_url": "/azure/active-directory/develop/console-app-quickstart?pivots=devlang-nodejs",
841+
"redirect_document_id": false
842+
},
843+
{
844+
"source_path_from_root": "/articles/active-directory/develop/quickstart-v2-java-daemon.md",
845+
"redirect_url": "/azure/active-directory/develop/console-app-quickstart?pivots=devlang-java",
846+
"redirect_document_id": false
847+
},
743848
{
744849
"source_path_from_root": "/articles/active-directory/active-directory-application-proxy-connectors.md",
745850
"redirect_url": "/azure/active-directory/active-directory-application-proxy-connectors-azure-portal",

.openpublishing.redirection.json

Lines changed: 43 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -2518,6 +2518,11 @@
25182518
"redirect_url": "/azure/machine-learning/how-to-configure-auto-train#troubleshooting",
25192519
"redirect_document_id": false
25202520
},
2521+
{
2522+
"source_path": "articles/machine-learning/how-to-compute-cluster-instance-os-upgrade.md",
2523+
"redirect_url": "/azure/machine-learning/concept-vulnerability-management",
2524+
"redirect_document_id": false
2525+
},
25212526
{
25222527
"source_path": "articles/machine-learning/how-to-deploy-custom-docker-image.md",
25232528
"redirect_url": "/azure/machine-learning/how-to-deploy-custom-container",
@@ -13474,7 +13479,7 @@
1347413479
},
1347513480
{
1347613481
"source_path_from_root": "/articles/connectors/connectors-create-api-excel.md",
13477-
"redirect_url": "/connectors/excelonlinebusiness/",
13482+
"redirect_url": "/connectors/excelonlinebusiness",
1347813483
"redirect_document_id": false
1347913484
},
1348013485
{
@@ -31327,11 +31332,6 @@
3132731332
"redirect_url": "https://azure.microsoft.com/updates/cleardb-removal-from-the-azure-marketplace/",
3132831333
"redirect_document_id": false
3132931334
},
31330-
{
31331-
"source_path_from_root": "/articles/connectors/connectors-create-api-box",
31332-
"redirect_url": "/connectors/box/",
31333-
"redirect_document_id": true
31334-
},
3133531335
{
3133631336
"source_path_from_root": "/articles/logic-apps/logic-apps-custom-connector-register.md",
3133731337
"redirect_url": "/connectors/custom-connectors",
@@ -31372,15 +31372,20 @@
3137231372
"redirect_url": "/connectors/custom-connectors/submit-certification",
3137331373
"redirect_document_id": false
3137431374
},
31375+
{
31376+
"source_path_from_root": "/articles/connectors/connectors-create-api-box",
31377+
"redirect_url": "/connectors/box/",
31378+
"redirect_document_id": false
31379+
},
3137531380
{
3137631381
"source_path_from_root": "/articles/connectors/connectors-create-api-dropbox",
3137731382
"redirect_url": "/connectors/dropbox/",
31378-
"redirect_document_id": true
31383+
"redirect_document_id": false
3137931384
},
3138031385
{
3138131386
"source_path_from_root": "/articles/connectors/connectors-create-api-facebook",
3138231387
"redirect_url": "/connectors/facebook/",
31383-
"redirect_document_id": true
31388+
"redirect_document_id": false
3138431389
},
3138531390
{
3138631391
"source_path_from_root": "/articles/connectors/connectors-create-api-googledrive.md",
@@ -31390,47 +31395,47 @@
3139031395
{
3139131396
"source_path_from_root": "/articles/connectors/connectors-create-api-mailchimp",
3139231397
"redirect_url": "/connectors/mailchimp/",
31393-
"redirect_document_id": true
31398+
"redirect_document_id": false
3139431399
},
3139531400
{
3139631401
"source_path_from_root": "/articles/connectors/connectors-create-api-microsofttranslator",
3139731402
"redirect_url": "/connectors/microsofttranslator/",
31398-
"redirect_document_id": true
31403+
"redirect_document_id": false
3139931404
},
3140031405
{
3140131406
"source_path_from_root": "/articles/connectors/connectors-create-api-office365-users",
3140231407
"redirect_url": "/connectors/office365users/",
31403-
"redirect_document_id": true
31408+
"redirect_document_id": false
3140431409
},
3140531410
{
3140631411
"source_path_from_root": "/articles/connectors/connectors-create-api-office365-video",
3140731412
"redirect_url": "/connectors/office365video/",
31408-
"redirect_document_id": true
31413+
"redirect_document_id": false
3140931414
},
3141031415
{
3141131416
"source_path_from_root": "/articles/connectors/connectors-create-api-projectonline",
3141231417
"redirect_url": "/connectors/projectonline/",
31413-
"redirect_document_id": true
31418+
"redirect_document_id": false
3141431419
},
3141531420
{
3141631421
"source_path_from_root": "/articles/connectors/connectors-create-api-rss",
3141731422
"redirect_url": "/connectors/rss/",
31418-
"redirect_document_id": true
31423+
"redirect_document_id": false
3141931424
},
3142031425
{
3142131426
"source_path_from_root": "/articles/connectors/connectors-create-api-trello",
3142231427
"redirect_url": "/connectors/trello/",
31423-
"redirect_document_id": true
31428+
"redirect_document_id": false
3142431429
},
3142531430
{
3142631431
"source_path_from_root": "/articles/connectors/connectors-create-api-twitter",
3142731432
"redirect_url": "/connectors/twitter/",
31428-
"redirect_document_id": true
31433+
"redirect_document_id": false
3142931434
},
3143031435
{
3143131436
"source_path_from_root": "/articles/connectors/connectors-create-api-yammer",
3143231437
"redirect_url": "/connectors/yammer/",
31433-
"redirect_document_id": true
31438+
"redirect_document_id": false
3143431439
},
3143531440
{
3143631441
"source_path_from_root": "/articles/connectors/connectors-create-api-wunderlist.md",
@@ -40767,6 +40772,21 @@
4076740772
"redirect_url": "/azure/aks/",
4076840773
"redirect_document_id": false
4076940774
},
40775+
{
40776+
"source_path": "articles/aks/open-service-mesh-ip-port-exclusion.md",
40777+
"redirect_url": "/azure/aks/open-service-mesh-about",
40778+
"redirect_document_id": false
40779+
},
40780+
{
40781+
"source_path": "articles/aks/open-service-mesh-deploy-new-application.md",
40782+
"redirect_url": "/azure/aks/open-service-mesh-about",
40783+
"redirect_document_id": false
40784+
},
40785+
{
40786+
"source_path": "articles/aks/open-service-mesh-deploy-existing-application.md",
40787+
"redirect_url": "/azure/aks/open-service-mesh-about",
40788+
"redirect_document_id": false
40789+
},
4077040790
{
4077140791
"source_path_from_root": "/articles/azure-monitor/platform/alerts-metric-create-templates.md",
4077240792
"redirect_url": "/azure/azure-monitor/alerts/alerts-metric-create-templates",
@@ -45276,6 +45296,11 @@
4527645296
"source_path_from_root": "/articles/azure/cognitive-services/translator/tutorial-build-flask-app-translation-synthesis.md",
4527745297
"redirect_url": "/learn/modules/translate-text-with-translator-service?toc=/azure/cognitive-services/translator/toc.json&bc=/azure/cognitive-services/translator/breadcrumb/toc.json",
4527845298
"redirect_document_id": false
45279-
}
45299+
},
45300+
{
45301+
"source_path_from_root": "/articles/governance/policy/how-to/guest-configuration-create-group-policy.md",
45302+
"redirect_url": "/azure/governance/policy/how-to/guest-configuration-create",
45303+
"redirect_document_id": false
45304+
}
4528045305
]
4528145306
}

articles/active-directory-domain-services/manage-group-policy.md

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,9 +23,7 @@ This article shows you how to install the Group Policy Management tools, then ed
2323

2424
If you are interested in server management strategy, including machines in Azure and
2525
[hybrid connected](../azure-arc/servers/overview.md),
26-
consider reading how to
27-
[convert Group Policy content](../governance/policy/how-to/guest-configuration-create-group-policy.md)
28-
to the
26+
consider reading about the
2927
[guest configuration](../governance/policy/concepts/guest-configuration.md)
3028
feature of
3129
[Azure Policy](../governance/policy/overview.md).

articles/active-directory/authentication/concept-authentication-passwordless.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -122,8 +122,9 @@ The following providers offer FIDO2 security keys of different form factors that
122122
| IDmelon Technologies Inc. | ![y] | ![y]| ![y]| ![y]| ![n] | https://www.idmelon.com/#idmelon |
123123
| Kensington | ![y] | ![y]| ![n]| ![n]| ![n] | https://www.kensington.com/solutions/product-category/why-biometrics/ |
124124
| KONA I | ![y] | ![n]| ![y]| ![y]| ![n] | https://konai.com/business/security/fido |
125-
| NEOWAVE | ![n] | ![y]| ![y]| ![n]| ![n] | https://neowave.fr/en/products/fido-range/ |
125+
| NeoWave | ![n] | ![y]| ![y]| ![n]| ![n] | https://neowave.fr/en/products/fido-range/ |
126126
| Nymi | ![y] | ![n]| ![y]| ![n]| ![n] | https://www.nymi.com/nymi-band |
127+
| Octatco | ![y] | ![y]| ![n]| ![n]| ![n] | https://octatco.com/ |
127128
| OneSpan Inc. | ![n] | ![y]| ![n]| ![y]| ![n] | https://www.onespan.com/products/fido |
128129
| Thales Group | ![n] | ![y]| ![y]| ![n]| ![n] | https://cpl.thalesgroup.com/access-management/authenticators/fido-devices |
129130
| Thetis | ![y] | ![y]| ![y]| ![y]| ![n] | https://thetis.io/collections/fido2 |

articles/active-directory/develop/includes/remind-not-to-relay-token-nonaud.md

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
---
2+
title: Don't send your middle-tier OBO token to any non-audience party
3+
description: Include file warning that access tokens acquired by the middle-tier shouldn't be sent to any party except that which is identified by the audience claim.
4+
services: active-directory
5+
author: iambmelt
6+
manager: CelesteDG
7+
8+
ms.service: active-directory
9+
ms.subservice: develop
10+
ms.workload: identity
11+
ms.topic: include
12+
ms.date: 12/7/2021
13+
ms.author: brianmel
14+
ms.reviewer: brianmel
15+
ms.custom: aaddev
16+
---
17+
18+
> [!WARNING]
19+
> **DO NOT** send access tokens that were issued to the middle tier to any other party. Access tokens issued to the middle tier are intended for use _only_ by that middle tier.
20+
>
21+
> Security risks of relaying access tokens from a middle-tier resource to a client (instead of the client getting the access tokens themselves) include:
22+
>
23+
> - Increased risk of token interception over compromised SSL/TLS channels.
24+
> - Inability to satisfy token binding and Conditional Access scenarios requiring claim step-up (for example, MFA, Sign-in Frequency).
25+
> - Incompatibility with admin-configured device-based policies (for example, MDM, location-based policies).

articles/active-directory/develop/v2-oauth2-on-behalf-of-flow.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,8 @@ To request an access token, make an HTTP POST to the tenant-specific Microsoft i
5252
https://login.microsoftonline.com/<tenant>/oauth2/v2.0/token
5353
```
5454

55+
[!INCLUDE [remind-not-to-relay-token-nonaud](includes/remind-not-to-relay-token-nonaud.md)]
56+
5557
There are two cases depending on whether the client application chooses to be secured by a shared secret or a certificate.
5658

5759
### First case: Access token request with a shared secret

articles/active-directory/fundamentals/service-accounts-governing-azure.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ ms.collection: M365-identity-device-management
2020
There are three types of service accounts in Azure Active Directory (Azure AD): [managed identities](service-accounts-managed-identities.md), [service principals](service-accounts-principal.md), and user accounts employed as service accounts. As you create these service accounts for automated use, they're granted permissions to access resources in Azure and Azure AD. Resources can include Microsoft 365 services, software as a service (SaaS) applications, custom applications, databases, HR systems, and so on. Governing Azure AD service accounts means that you manage their creation, permissions, and lifecycle to ensure security and continuity.
2121

2222
> [!IMPORTANT]
23-
> We do not recommend using user accounts as service accounts as they are inherently less secure. This includes on-premises service accounts that are synced to Azure AD, as they are not converted to service principals. Instead, we recommend the use of managed identities or service principals. Note that at this time the use of conditional access policies is not possible with service principals, but the functionality is coming.
23+
> We do not recommend using user accounts as service accounts as they are inherently less secure. This includes on-premises service accounts that are synced to Azure AD, as they are not converted to service principals. Instead, we recommend the use of managed identities or service principals. Note that at this time the use of conditional access policies with service principals is called Conditional Access for workload identities and it's in public preview.
2424
2525

2626
## Plan your service account

0 commit comments

Comments
 (0)