Merge branch 'master' of https://github.com/MicrosoftDocs/azure-docs-pr

Author: LauraBrenner

.openpublishing.redirection.json

@@ -29021,6 +29021,31 @@
       "redirect_url": "/azure/security-center/faq-general",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/security-center/security-center-alerts-iaas.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-data-services.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-compute.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-service-layer.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-integration.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/security-center/security-center-playbooks.md",
       "redirect_url": "/azure/security-center/workflow-automation",

articles/active-directory-domain-services/network-considerations.md

@@ -142,7 +142,7 @@ The following network security group rules are required for Azure AD DS to provi
 
 ## User-defined routes
 
-User-defined routes aren't created by default, and aren't needed for Azure AD DS to work correctly. If you're required to use route tables, avoid making any changes to the *0.0.0.0* route. Changes to this route can disrupt Azure AD Domain Services.
+User-defined routes aren't created by default, and aren't needed for Azure AD DS to work correctly. If you're required to use route tables, avoid making any changes to the *0.0.0.0* route. Changes to this route disrupt Azure AD Domain Services and puts the managed domain in an unsupported state.
 
 You must also route inbound traffic from the IP addresses included in the respective Azure service tags to the Azure AD Domain Services subnet. For more information on service tags and their associated IP address from, see [Azure IP Ranges and Service Tags - Public Cloud](https://www.microsoft.com/en-us/download/details.aspx?id=56519).
 

articles/active-directory/conditional-access/concept-conditional-access-conditions.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 02/11/2020
+ms.date: 02/25/2020
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -61,6 +61,7 @@ Conditional Access policies by default apply to browser-based applications and a
    - Modern authentication clients
       - This option includes applications like the Office desktop and phone applications.
    - Exchange ActiveSync clients
+      - By default this includes all use of the Exchange ActiveSync (EAS) protocol. Choosing **Apply policy only to supported platforms** will limit to supported platforms like iOS, Android, and Windows.
       - When policy blocks the use of Exchange ActiveSync the affected user will receive a single quarantine email. This email with provide information on why they are blocked and include remediation instructions if able.
    - Other clients
       - This option includes clients that use basic/legacy authentication protocols including IMAP, MAPI, POP, SMTP, and legacy Office applications that do not support modern authentication.

articles/active-directory/develop/accounts-overview.md

@@ -47,7 +47,7 @@ An account in the Microsoft identity platform consists of:
 
 ## Account overview diagram
 
-![Account Overview Diagram](./media/accounts-overview/accounts-overview.png)
+![Account Overview Diagram](./media/accounts-overview/accounts-overview.svg)
 
 In the above diagram:
 

articles/active-directory/develop/media/accounts-overview/accounts-overview.png

@@ -106,7 +106,7 @@ The middleware is added to the web API by this instruction:
 
 ```csharp
  services.AddAuthentication(AzureADDefaults.JwtBearerAuthenticationScheme)
-         .AddAzureAdBearer(options => Configuration.Bind("AzureAd", options));
+         .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));
 ```
 
  Currently, the ASP.NET Core templates create Azure Active Directory (Azure AD) web APIs that sign in users within your organization or any organization. They don't sign in users with personal accounts. But you can change the templates to use the Microsoft identity platform endpoint by adding this code to Startup.cs:

articles/active-directory/develop/media/accounts-overview/accounts-overview.svg

@@ -25,8 +25,7 @@ You need the Azure CLI version 2.0.76 or later installed and configured. Run `az
 The following limitations apply when you create and manage AKS clusters that support multiple node pools:
 
 * See [Quotas, virtual machine size restrictions, and region availability in Azure Kubernetes Service (AKS)][quotas-skus-regions].
-* You can't delete the default (first) node pool.
-* The HTTP application routing add-on can't be used.
+* You can't delete the system node pool, by default the first node pool.
 * The AKS cluster must use the Standard SKU load balancer to use multiple node pools, the feature is not supported with Basic SKU load balancers.
 * The AKS cluster must use virtual machine scale sets for the nodes.
 * The name of a node pool may only contain lowercase alphanumeric characters and must begin with a lowercase letter. For Linux node pools the length must be between 1 and 12 characters, for Windows node pools the length must be between 1 and 6 characters.

articles/active-directory/develop/scenario-protected-web-api-app-configuration.md

@@ -1,5 +1,5 @@
 - name: Mobile Apps Documentation
-  href: index.md
+  href: index.yml
 - name: Overview
   items:
   - name: What are Mobile Apps?