Merge pull request #228862 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 2/28

Author: ttorble

.openpublishing.redirection.active-directory.json

@@ -1875,6 +1875,11 @@
       "redirect_url": "/azure/active-directory/hybrid/migrate-from-federation-to-cloud-authentication",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/fundamentals/active-directory-deployment-checklist-p2.md",
+      "redirect_url": "/azure/active-directory/fundamentals/concept-secure-remote-workers",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/active-directory/conditional-access/app-based-mfa.md",
       "redirect_url": "/azure/active-directory/authentication/tutorial-enable-azure-mfa",

.openpublishing.redirection.json

@@ -5968,6 +5968,16 @@
             "redirect_url": "/azure/architecture/service-fabric/migrate-from-cloud-services",
             "redirect_document_id": false
         },
+        {
+            "source_path_from_root": "/articles/batch/batch-custom-image-pools-to-azure-compute-gallery-migration-guide.md",
+            "redirect_url": "/azure/batch",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/batch/batch-pools-to-simplified-compute-node-communication-model-migration-guide.md",
+            "redirect_url": "/azure/batch",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/batch/big-compute-resources.md",
             "redirect_url": "/azure/architecture/topics/high-performance-computing/",

articles/active-directory-b2c/media/quickstart-single-page-app/call-api-spa.png

@@ -8,7 +8,7 @@ manager: CelesteDG
 ms.service: active-directory
 ms.workload: identity
 ms.topic: quickstart
-ms.date: 01/13/2022
+ms.date: 02/23/2023
 ms.author: godonnell
 ms.subservice: B2C
 ms.custom: mode-other
@@ -53,24 +53,24 @@ In this quickstart, you use a single-page application to sign in using a social
 
 1. Browse to the URL of the application. For example, `http://localhost:6420`.
 
-    ![Single-page application sample app shown in browser](./media/quickstart-single-page-app/sample-app-spa.png)
+:::image type="content" source="./media/quickstart-single-page-app/sample-app-spa.png" alt-text="Screenshot of single-page application sample app shown in browser window." lightbox="./media/quickstart-single-page-app/sample-app-spa.png":::
 
 ## Sign in using your account
 
 1. Select **Sign In** to start the user journey.
 1. Azure AD B2C presents a sign-in page for a fictitious company called "Fabrikam" for the sample web application. To sign up using a social identity provider, select the button of the identity provider you want to use.
 
-    ![Sign In or Sign Up page showing identity provider buttons](./media/quickstart-single-page-app/sign-in-or-sign-up-spa.png)
+    :::image type="content" source="./media/quickstart-single-page-app/sign-in-or-sign-up-spa.png" alt-text="Screenshot of Sign In or Sign Up page showing identity         provider buttons" lightbox="./media/quickstart-single-page-app/sign-in-or-sign-up-spa.png":::
 
-    You authenticate (sign in) using your social account credentials and authorize the application to read information from your social account. By granting access, the application can retrieve profile information from the social account such as your name and city.
+    You authenticate (sign in) using your social account credentials and authorize the application to read information from your social account. By granting access,       the application can retrieve profile information from the social account such as your name and city.
 
 1. Finish the sign-in process for the identity provider.
 
 ## Access a protected API resource
 
 Select **Call API** to have your display name returned from the web API as a JSON object.
 
-![Sample application in browser showing the web API response](./media/quickstart-single-page-app/call-api-spa.png)
+:::image type="content" source="./media/quickstart-single-page-app/call-api-spa.png" alt-text="Screenshot of web API response showing in sample application in browser window." lightbox="./media/quickstart-single-page-app/sample-app-spa.png":::
 
 The sample single-page application includes an access token in the request to the protected web API resource.
 

articles/active-directory-b2c/media/quickstart-single-page-app/sample-app-spa.png

@@ -10,7 +10,7 @@
     href: require-tou.md
 - name: Tutorials
   items:
-  - name: Require Azure AD Multi-Factor Authentication
+  - name: Require Azure AD Multifactor Authentication
     href: ../authentication/tutorial-enable-azure-mfa.md?toc=/azure/active-directory/conditional-access/toc.json&bc=/azure/active-directory/conditional-access/breadcrumb/toc.json
 - name: Concepts
   expanded: false

articles/active-directory-b2c/media/quickstart-single-page-app/sign-in-or-sign-up-spa.png

@@ -54,7 +54,7 @@ Policy 1: All users with the directory role of Global Administrator, accessing t
    1. Under **Exclude**, select **Users and groups** and choose your organization's emergency access or break-glass accounts. 
    1. Select **Done**.
 1. Under **Cloud apps or actions** > **Include**, select **Select apps**, and select **Microsoft Azure Management**.
-1. Under **Access controls** > **Grant**, select **Grant access**, **Require multi-factor authentication**, and **Require device to be marked as compliant**, then select **Select**.
+1. Under **Access controls** > **Grant**, select **Grant access**, **Require multifactor authentication**, and **Require device to be marked as compliant**, then select **Select**.
 1. Confirm your settings and set **Enable policy** to **On**.
 1. Select **Create** to create to enable your policy.
 

articles/active-directory-b2c/quickstart-single-page-app.md

@@ -180,10 +180,10 @@ User actions are tasks that can be performed by a user. Currently, Conditional A
 
 - **Register security information**: This user action allows Conditional Access policy to enforce when users who are enabled for combined registration attempt to register their security information. More information can be found in the article, [Combined security information registration](../authentication/concept-registration-mfa-sspr-combined.md).
 
-- **Register or join devices**: This user action enables administrators to enforce Conditional Access policy when users [register](../devices/concept-azure-ad-register.md) or [join](../devices/concept-azure-ad-join.md) devices to Azure AD. It provides granularity in configuring multi-factor authentication for registering or joining devices instead of a tenant-wide policy that currently exists. There are three key considerations with this user action: 
-   - `Require multi-factor authentication` is the only access control available with this user action and all others are disabled. This restriction prevents conflicts with access controls that are either dependent on Azure AD device registration or not applicable to Azure AD device registration. 
+- **Register or join devices**: This user action enables administrators to enforce Conditional Access policy when users [register](../devices/concept-azure-ad-register.md) or [join](../devices/concept-azure-ad-join.md) devices to Azure AD. It provides granularity in configuring multifactor authentication for registering or joining devices instead of a tenant-wide policy that currently exists. There are three key considerations with this user action: 
+   - `Require multifactor authentication` is the only access control available with this user action and all others are disabled. This restriction prevents conflicts with access controls that are either dependent on Azure AD device registration or not applicable to Azure AD device registration. 
    - `Client apps`, `Filters for devices` and `Device state` conditions aren't available with this user action since they're dependent on Azure AD device registration to enforce Conditional Access policies.
-   - When a Conditional Access policy is enabled with this user action, you must set **Azure Active Directory** > **Devices** > **Device Settings** - `Devices to be Azure AD joined or Azure AD registered require Multi-Factor Authentication` to **No**. Otherwise, the Conditional Access policy with this user action isn't properly enforced. More information about this device setting can found in [Configure device settings](../devices/device-management-azure-portal.md#configure-device-settings). 
+   - When a Conditional Access policy is enabled with this user action, you must set **Azure Active Directory** > **Devices** > **Device Settings** - `Devices to be Azure AD joined or Azure AD registered require Multifactor Authentication` to **No**. Otherwise, the Conditional Access policy with this user action isn't properly enforced. More information about this device setting can found in [Configure device settings](../devices/device-management-azure-portal.md#configure-device-settings). 
 
 ## Authentication context
 

articles/active-directory/conditional-access/TOC.yml

@@ -177,7 +177,7 @@ This setting has an impact on access attempts made from the following mobile app
 - When creating a policy assigned to Exchange ActiveSync clients, **Exchange Online** should be the only cloud application assigned to the policy. 
 - Organizations can narrow the scope of this policy to specific platforms using the **Device platforms** condition.
 
-If the access control assigned to the policy uses **Require approved client app**, the user is directed to install and use the Outlook mobile client. In the case that **Multi-factor authentication**, **Terms of use**, or **custom controls** are required, affected users are blocked, because basic authentication doesn’t support these controls.
+If the access control assigned to the policy uses **Require approved client app**, the user is directed to install and use the Outlook mobile client. In the case that **Multifactor Authentication**, **Terms of use**, or **custom controls** are required, affected users are blocked, because basic authentication doesn’t support these controls.
 
 For more information, see the following articles: