Merge pull request #63741 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)
MicrosoftDocs · Jan 23, 2019 · dcca2a5 · dcca2a5
2 parents 80a6390 + 7766690
commit dcca2a5
Show file tree

Hide file tree

Showing 77 changed files with 212 additions and 146 deletions.
diff --git a/articles/active-directory/hybrid/reference-connect-adsyncconfig.md b/articles/active-directory/hybrid/reference-connect-adsyncconfig.md
@@ -1372,7 +1372,7 @@ Show-ADSyncADObjectPermissions [-ADobjectDN] <String> [<CommonParameters>]
 ```
 
 ### DESCRIPTION
-This function retuns all the AD permissions currently set for a given AD object provided in the parameter -ADobjectDN.
+This function returns all the AD permissions currently set for a given AD object provided in the parameter -ADobjectDN.
 The ADobjectDN must be provided in a DistinguishedName format.
 
 ### EXAMPLES

diff --git a/...ctive-directory/reports-monitoring/howto-analyze-activity-logs-log-analytics.md b/...ctive-directory/reports-monitoring/howto-analyze-activity-logs-log-analytics.md
@@ -22,7 +22,7 @@ ms.reviewer: dhanyahk
 
 # Analyze Azure AD activity logs with Log Analytics (preview)
 
-After you [integrate Azure AD activity logs with Log Analytics](howto-integrate-activity-logs-with-log-analytics.md), you can use the power of Log Analytics to gain insights into your envrionment. You can also install the [Log Analytics views for Azure AD activity logs](howto-install-use-log-analytics-views.md) to get access to pre-built reports around audit and sign-in events in your environment.
+After you [integrate Azure AD activity logs with Log Analytics](howto-integrate-activity-logs-with-log-analytics.md), you can use the power of Log Analytics to gain insights into your environment. You can also install the [Log Analytics views for Azure AD activity logs](howto-install-use-log-analytics-views.md) to get access to pre-built reports around audit and sign-in events in your environment.
 
 In this article, you learn how to analyze the Azure AD activity logs in your Log Analytics workspace. 
 

diff --git a/articles/active-directory/reports-monitoring/index.yml b/articles/active-directory/reports-monitoring/index.yml
@@ -17,7 +17,7 @@ metadata:
   ms.author: priyamo
 abstract:
   description: "Learn how to view security and audit reports for your environment, or monitor them over time to gain insights into usage patterns.
-With Azure Active Directory (Azure AD) reports, you can gain insights into the security and usage patterns in your environment. For example, you can answer the following questions:<ul><li>How are the applications or services utilized by the users?</li><li>What are the potential risks affecting the health of the envrionment</li><li>How to troubleshoot issues preventing users from getting their work done</li>"
+With Azure Active Directory (Azure AD) reports, you can gain insights into the security and usage patterns in your environment. For example, you can answer the following questions:<ul><li>How are the applications or services utilized by the users?</li><li>What are the potential risks affecting the health of the environment</li><li>How to troubleshoot issues preventing users from getting their work done</li>"
 
 sections:
 - title: 5-minute quickstarts

diff --git a/articles/active-directory/users-groups-roles/roles-delegate-by-task.md b/articles/active-directory/users-groups-roles/roles-delegate-by-task.md
@@ -115,7 +115,7 @@ Task | Least privileged role | Additional roles
 Disable device | Cloud device administrator | 
 Enable device | Cloud device administrator | 
 Read basic configuration | Default user role ([see documentation](https://docs.microsoft.com/azure/active-directory/fundamentals/users-default-permissions)) | 
-Read Bitlocker keys | Security Reader | Password administrator, Security administrator
+Read BitLocker keys | Security Reader | Password administrator, Security administrator
 
 ## Enterprise applications
 

diff --git a/articles/app-service/overview-inbound-outbound-ips.md b/articles/app-service/overview-inbound-outbound-ips.md
@@ -54,12 +54,20 @@ You can find the same information by running the following command in the [Cloud
 az webapp show --resource-group <group_name> --name <app_name> --query outboundIpAddresses --output tsv
 ```
 
+```azurepowershell
+(Get-AzWebApp -ResourceGroup <group_name> -name <app_name>).OutboundIpAddresses
+```
+
 To find all possible outbound IP addresses for your app, regardless of pricing tiers, run the following command in the [Cloud Shell](../cloud-shell/quickstart.md).
 
 ```azurecli-interactive
 az webapp show --resource-group <group_name> --name <app_name> --query possibleOutboundIpAddresses --output tsv
 ```
 
+```azurepowershell
+(Get-AzWebApp -ResourceGroup <group_name> -name <app_name>).PossibleOutboundIpAddresses
+```
+
 ## Next steps
 
 Learn how to restrict inbound traffic by source IP addresses.

diff --git a/articles/automation/automation-hybrid-runbook-worker.md b/articles/automation/automation-hybrid-runbook-worker.md
@@ -109,6 +109,7 @@ If you have an Automation account that's defined for a specific region, you can
 | West Central US | wcus-jobruntimedata-prod-su1.azure-automation.net</br>wcus-agentservice-prod-1.azure-automation.net |
 | South Central US |scus-jobruntimedata-prod-su1.azure-automation.net</br>scus-agentservice-prod-1.azure-automation.net |
 | East US 2 |eus2-jobruntimedata-prod-su1.azure-automation.net</br>eus2-agentservice-prod-1.azure-automation.net |
+| West US 2 |wus2-jobruntimedata-prod-su1.azure-automation.net</br>wus2-agentservice-prod-1.azure-automation.net |
 | Canada Central |cc-jobruntimedata-prod-su1.azure-automation.net</br>cc-agentservice-prod-1.azure-automation.net |
 | West Europe |we-jobruntimedata-prod-su1.azure-automation.net</br>we-agentservice-prod-1.azure-automation.net |
 | North Europe |ne-jobruntimedata-prod-su1.azure-automation.net</br>ne-agentservice-prod-1.azure-automation.net |

diff --git a/articles/azure-stack/azure-stack-security-foundations.md b/articles/azure-stack/azure-stack-security-foundations.md
@@ -37,7 +37,7 @@ Since the infrastructure runs on well-defined hardware and software, Azure Stack
 Because Azure Stack is delivered as an integrated system, the security posture of the Azure Stack infrastructure is defined by Microsoft. Just like in Azure, tenants are responsible for defining the security posture of their tenant workloads. This document provides foundational knowledge on the security posture of the Azure Stack infrastructure.
 
 ## Data at rest encryption
-All Azure Stack infrastructure and tenant data is encrypted at rest using Bitlocker. This encryption protects against physical loss or theft of Azure Stack storage components. For more information, see [data at rest encryption in Azure Stack](azure-stack-security-bitlocker.md).
+All Azure Stack infrastructure and tenant data is encrypted at rest using BitLocker. This encryption protects against physical loss or theft of Azure Stack storage components. For more information, see [data at rest encryption in Azure Stack](azure-stack-security-bitlocker.md).
 
 ## Data in transit encryption
 The Azure Stack infrastructure components communicate using channels encrypted with TLS 1.2. Encryption certificates are self-managed by the infrastructure. 

diff --git a/articles/backup/backup-architecture.md b/articles/backup/backup-architecture.md
@@ -158,7 +158,7 @@ Back up deduplicated disks | | | ![Partially][yellow]<br/><br/> For DPM/MABS ser
 - Azure VMs use disks to store their operating system, apps, and data.
 - Azure VMs have at least two disks. One for the operating system, and a temporary disk. They can also have data disks for app data. Disks are stored as VHDs.
 - VHDs are stored as page blobs in standard or premium storage accounts in Azure.
-    - Standard storage: Reliable, low-cost disk support for VMs running workloads that aren't sensitive to latency. Standard storage can use standard SSD disks or standard SSD disks).
+    - Standard storage: Reliable, low-cost disk support for VMs running workloads that aren't sensitive to latency. Standard storage can use standard SSD disks or standard HDD disks.
     - Premium storage: High-performance disk support. Uses premium SSD disks.
 - There are different performance tiers for disks:
     - Standard HDD disk: Backed by HDDs, and used for cost-effective storage.

diff --git a/articles/backup/backup-azure-backup-import-export.md b/articles/backup/backup-azure-backup-import-export.md
@@ -57,7 +57,7 @@ Before initiating the Offline Backup workflow, complete the following prerequisi
     ![registering the resource provider](./media/backup-azure-backup-import-export/registerimportexport.png)
 * A staging location, which might be a network share or any additional drive on the computer, internal or external, with enough disk space to hold your initial copy, is created. For example, if you are trying to back up a 500-GB file server, ensure that the staging area is at least 500 GB. (A smaller amount is used due to compression.)
 * When sending disks to Azure, use only 2.5 inch SSD, or 2.5-inch or 3.5-inch SATA II/III internal hard drives. You can use hard drives up to 10 TB. Check the [Azure Import/Export service documentation](../storage/common/storage-import-export-requirements.md#supported-hardware) for the latest set of drives that the service supports.
-* The SATA drives must be connected to a computer (referred to as a *copy computer*) from where the copy of backup data from the *staging location* to the SATA drives is done. Ensure that Bitlocker is enabled on the *copy computer*.
+* The SATA drives must be connected to a computer (referred to as a *copy computer*) from where the copy of backup data from the *staging location* to the SATA drives is done. Ensure that BitLocker is enabled on the *copy computer*.
 
 ## Workflow
 This section describes the offline-backup workflow so that your data can be delivered to an Azure datacenter and uploaded to Azure Storage. If you have questions about the Import service or any aspect of the process, see the [Import service overview documentation](../storage/common/storage-import-export-service.md).

diff --git a/articles/backup/backup-azure-backup-server-import-export-.md b/articles/backup/backup-azure-backup-server-import-export-.md
@@ -53,7 +53,7 @@ Ensure that the following prerequisites are met before initiating the Offline Ba
 
 * A staging location, which might be a network share or any additional drive on the computer, internal or external, with enough disk space to hold your initial copy, is created. For example, if you are trying to back up a 500-GB file server, ensure that the staging area is at least 500 GB. (A smaller amount is used due to compression.)
 * With regards to disks that will be sent to Azure, ensure that only 2.5 inch SSD, or 2.5-inch or 3.5-inch SATA II/III internal hard drives are used. You can use hard drives up to 10 TB. Check the [Azure Import/Export service documentation](../storage/common/storage-import-export-requirements.md#supported-hardware) for the latest set of drives that the service supports.
-* The SATA drives have to be connected to a computer (referred to as a *copy computer*) from where the copy of backup data from the *staging location* to the SATA drives is done. Ensure that Bitlocker is enabled on the *copy computer* 
+* The SATA drives have to be connected to a computer (referred to as a *copy computer*) from where the copy of backup data from the *staging location* to the SATA drives is done. Ensure that BitLocker is enabled on the *copy computer* 
 
 ## Workflow
 The information in this section helps you complete the offline-backup workflow so that your data can be delivered to an Azure datacenter and uploaded to Azure Storage. If you have questions about the Import service or any aspect of the process, see the [Import service overview](../storage/common/storage-import-export-service.md) documentation referenced earlier.

diff --git a/articles/backup/backup-azure-file-folder-backup-faq.md b/articles/backup/backup-azure-file-folder-backup-faq.md
@@ -28,7 +28,7 @@ You can't back up the following drives/volumes:
 * Read-only Volumes: The volume must be writable for the volume shadow copy service (VSS) to function.
 * Offline Volumes: The volume must be online for VSS to function.
 * Network share: The volume must be local to the server to be backed up using online backup.
-* Bitlocker-protected volumes: The volume must be unlocked before the backup can occur.
+* BitLocker-protected volumes: The volume must be unlocked before the backup can occur.
 * File System Identification: NTFS is the only file system supported.
 
 ### What file and folder types can I back up from my server?<br/>

diff --git a/articles/backup/backup-azure-vms-introduction.md b/articles/backup/backup-azure-vms-introduction.md
@@ -35,7 +35,7 @@ Here's how Azure Backup completes a  backup for Azure VMs.
 
 Azure Backup doesn't encrypt data as a part of the backup process. Azure Backup does support backup of Azure VMs that are encrypted using Azure Disk Encryption.
 
-- Backup of VMs encrypted with Bitlocker Encryption Key(BEK) only, and BEK together with Key Encryption Key(KEK) is supported, for managed and unmanaged Azure VMs.
+- Backup of VMs encrypted with BitLocker Encryption Key(BEK) only, and BEK together with Key Encryption Key(KEK) is supported, for managed and unmanaged Azure VMs.
 - The BEK(secrets) and KEK(keys) backed up are encrypted so they can be read and used only when restored back to key vault by the authorized users.
 - Since the BEK is also backed up, in scenarios where BEK is lost, authorized users can restore the BEK to the KeyVault and recover the encrypted VM. Keys and secrets of encrypted VMs are backed up in encrypted form, so neither unauthorized users nor Azure can read or use backed up keys and secrets. Only users with the right level of permissions can back up and restore encrypted VMs, as well as keys and secrets.
 

diff --git a/articles/cloud-services/cloud-services-guestos-msrc-releases.md b/articles/cloud-services/cloud-services-guestos-msrc-releases.md
@@ -12,13 +12,64 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: tbd
-ms.date: 1/7/2019
+ms.date: 1/22/2019
 ms.author: raiye
 
 ---
 # Azure Guest OS
 The following tables show the Microsoft Security Response Center (MSRC) updates applied to the Azure Guest OS. Search this article to determine if a particular update applies to the Guest OS you are using. Updates always carry forward for the particular [family][family-explain] they were introduced in.
 
+>[!NOTE]
+>The January Guest OS is currently being rolled out to Cloud Service VMs that are configured for automatic updates. When the rollout is complete, this version will be made available for manual updates through the Azure portal and configuration files. The following patches are included in the January Guest OS. This list is subject to change.
+
+## January 2019 Guest OS
+
+| Product Category | Parent KB Article | Vulnerability Description | Guest OS | Date First Introduced |
+| --- | --- | --- | --- | --- |
+| Rel 19-01 | [4480961] | Windows 10 Security | 5.27 | January 8, 2019 |
+| Rel 19-01 | [4480964] | Windows Security | 4.62 | January 8, 2019 |
+| Rel 19-01 | [4480972] | Windows Security | 3.69 | January 8, 2019 |
+| Rel 19-01 | [4480960] | Windows Security | 2.82 | January 8, 2019 |
+| Rel 19-01 | [4480074] | .Net 4.x Security | 4.62 | January 8, 2019 |
+| Rel 19-01 | [4480075] | .Net 4.x Security | 3.69 | January 8, 2019 |
+| Rel 19-01 | [4480076] | .Net 4.x Security | 2.82 | January 8, 2019 |
+| Rel 19-01 | [4480086] | .Net 3.x Security | 4.62 | January 8, 2019 |
+| Rel 19-01 | [4480083] | .Net 3.x Security | 3.69 | January 8, 2019 |
+| Rel 19-01 | [4480085] | .Net 3.x Security | 2.82 | January 8, 2019 |
+| Rel 19-01 | [4480979] | Flash | 3.69, 4.62, 5.27 | January 8, 2019 |
+| Rel 19-01 | [4480965] | Internet Explorer | 2.82, 3.69, 4.62 | January 8, 2019 |
+| N/A | [4471318] | December Non-Security rollup | 2.82 | December 11, 2018 |
+| N/A | [4470641] | December Non-Security Rollup .NET 3.x | 2.82 | December 11, 2018 |
+| N/A | [4470637] | December Non-Security Rollup .NET 4.x | 2.82 | December 11, 2018 |
+| N/A | [4471330] | December Non-Security rollup | 3.69 | December 11, 2018 |
+| N/A | [4470629] | December Non-Security Rollup .NET 3.x | 3.69 | December 11, 2018 |
+| N/A | [4470623] | December Non-Security Rollup .NET 4.x | 3.69 | December 11, 2018 |
+| N/A | [4471320] | December Non-Security rollup | 4.62 | December 11, 2018 |
+| N/A | [4470630] | December Non-Security Rollup .NET 3.x | 4.62 | December 11, 2018 |
+| N/A | [4470622] | December Non-Security Rollup .NET 4.x | 4.62 | December 11, 2018 |
+
+[4480961]: http://support.microsoft.com/kb/4480961
+[4480964]: http://support.microsoft.com/kb/4480964
+[4480972]: http://support.microsoft.com/kb/4480972
+[4480960]: http://support.microsoft.com/kb/4480960
+[4480074]: http://support.microsoft.com/kb/4480074
+[4480075]: http://support.microsoft.com/kb/4480075
+[4480076]: http://support.microsoft.com/kb/4480076
+[4480086]: http://support.microsoft.com/kb/4480086
+[4480083]: http://support.microsoft.com/kb/4480083
+[4480085]: http://support.microsoft.com/kb/4480085
+[4480979]: http://support.microsoft.com/kb/4480979
+[4480965]: http://support.microsoft.com/kb/4480965
+[4471318]: http://support.microsoft.com/kb/4471318
+[4470641]: http://support.microsoft.com/kb/4470641
+[4470637]: http://support.microsoft.com/kb/4470637
+[4471330]: http://support.microsoft.com/kb/4471330
+[4470629]: http://support.microsoft.com/kb/4470629
+[4470623]: http://support.microsoft.com/kb/4470623
+[4471320]: http://support.microsoft.com/kb/4471320
+[4470630]: http://support.microsoft.com/kb/4470630
+[4470622]: http://support.microsoft.com/kb/4470622
+
 ## December 2018 Guest OS
 
 | Product Category | Parent KB Article | Vulnerability Description | Guest OS | Date First Introduced |

diff --git a/articles/data-factory/tutorial-deploy-ssis-packages-azure.md b/articles/data-factory/tutorial-deploy-ssis-packages-azure.md
@@ -73,12 +73,34 @@ In this tutorial, you complete the following steps:
 
 1. Select **Author & Monitor** to open the Data Factory user interface (UI) on a separate tab. 
 
-## Provision an Azure-SSIS integration runtime
+## Create an Azure-SSIS integration runtime
+
+### From the Data Factory overview
 
 1. On the **Let's get started** page, select the **Configure SSIS Integration Runtime** tile. 
 
    !["Configure SSIS Integration Runtime" tile](./media/tutorial-create-azure-ssis-runtime-portal/configure-ssis-integration-runtime-tile.png)
 
+1. For the remaining steps to set up an Azure-SSIS IR, see the [Provision an Azure-SSIS integration runtime](#provision-an-azure-ssis-integration-runtime) section. 
+
+### From the Authoring UI
+
+1. In the Azure Data Factory UI, switch to the **Edit** tab, select **Connections**, and then switch to the **Integration Runtimes** tab to view existing integration runtimes in your data factory. 
+
+   ![Selections for viewing existing IRs](./media/tutorial-create-azure-ssis-runtime-portal/view-azure-ssis-integration-runtimes.png)
+
+1. Select **New** to create an Azure-SSIS IR. 
+
+   ![Integration runtime via menu](./media/tutorial-create-azure-ssis-runtime-portal/edit-connections-new-integration-runtime-button.png)
+
+1. In the **Integration Runtime Setup** window, select **Lift-and-shift existing SSIS packages to execute in Azure**, and then select **Next**. 
+
+   ![Specify the type of integration runtime](./media/tutorial-create-azure-ssis-runtime-portal/integration-runtime-setup-options.png)
+
+1. For the remaining steps to set up an Azure-SSIS IR, see the [Provision an Azure-SSIS integration runtime](#provision-an-azure-ssis-integration-runtime) section. 
+
+## Provision an Azure-SSIS integration runtime
+
 1. On the **General Settings** page of **Integration Runtime Setup**, complete the following steps: 
 
    ![General settings](./media/tutorial-create-azure-ssis-runtime-portal/general-settings.png)
@@ -146,22 +168,6 @@ In this tutorial, you complete the following steps:
 
    ![Links in the "Actions" column](./media/tutorial-create-azure-ssis-runtime-portal/azure-ssis-ir-actions.png) 
 
-## Create an Azure-SSIS integration runtime
-
-1. In the Azure Data Factory UI, switch to the **Edit** tab, select **Connections**, and then switch to the **Integration Runtimes** tab to view existing integration runtimes in your data factory. 
-
-   ![Selections for viewing existing IRs](./media/tutorial-create-azure-ssis-runtime-portal/view-azure-ssis-integration-runtimes.png)
-
-1. Select **New** to create an Azure-SSIS IR. 
-
-   ![Integration runtime via menu](./media/tutorial-create-azure-ssis-runtime-portal/edit-connections-new-integration-runtime-button.png)
-
-1. In the **Integration Runtime Setup** window, select **Lift-and-shift existing SSIS packages to execute in Azure**, and then select **Next**. 
-
-   ![Specify the type of integration runtime](./media/tutorial-create-azure-ssis-runtime-portal/integration-runtime-setup-options.png)
-
-1. For the remaining steps to set up an Azure-SSIS IR, see the [Provision an Azure-SSIS integration runtime](#provision-an-azure-ssis-integration-runtime) section. 
-
 ## Deploy SSIS packages
 Now, use SQL Server Data Tools (SSDT) or SQL Server Management Studio (SSMS) to deploy your SSIS packages to Azure. Connect to your Azure SQL Database server that hosts the SSIS Catalog (SSISDB database). The name of Azure SQL Database server is in the format `<servername>.database.windows.net`.