hirenshah1
diff --git a/‎.openpublishing.publish.config.json
Lines changed: 1 addition & 0 deletions b/‎.openpublishing.publish.config.json
Lines changed: 1 addition & 0 deletions
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎.openpublishing.redirection.synapse-analytics.json
Lines changed: 40 additions & 0 deletions b/‎.openpublishing.redirection.synapse-analytics.json
Lines changed: 40 additions & 0 deletions
diff --git a/‎articles/active-directory-b2c/configure-authentication-sample-python-web-app.md
Lines changed: 3 additions & 4 deletions b/‎articles/active-directory-b2c/configure-authentication-sample-python-web-app.md
Lines changed: 3 additions & 4 deletions
diff --git a/‎articles/active-directory-b2c/configure-authentication-sample-web-app.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory-b2c/configure-authentication-sample-web-app.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory-b2c/enable-authentication-web-application.md
Lines changed: 2 additions & 3 deletions b/‎articles/active-directory-b2c/enable-authentication-web-application.md
Lines changed: 2 additions & 3 deletions
diff --git a/‎articles/active-directory-b2c/quickstart-native-app-desktop.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/quickstart-native-app-desktop.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/develop/active-directory-signing-key-rollover.md
Lines changed: 1 addition & 16 deletions b/‎articles/active-directory/develop/active-directory-signing-key-rollover.md
Lines changed: 1 addition & 16 deletions
diff --git a/‎articles/active-directory/roles/security-emergency-access.md
Lines changed: 5 additions & 5 deletions b/‎articles/active-directory/roles/security-emergency-access.md
Lines changed: 5 additions & 5 deletions
diff --git a/‎articles/applied-ai-services/form-recognizer/containers/form-recognizer-container-image-tags.md
Lines changed: 74 additions & 0 deletions b/‎articles/applied-ai-services/form-recognizer/containers/form-recognizer-container-image-tags.md
Lines changed: 74 additions & 0 deletions
@@ -816,6 +816,7 @@
     ".openpublishing.redirection.healthcare-apis.json",
     ".openpublishing.redirection.media-services.json",
     ".openpublishing.redirection.security-benchmark.json",
+    ".openpublishing.redirection.synapse-analytics.json",
     ".openpublishing.redirection.key-vault.json",
     ".openpublishing.redirection.iot-hub.json",
     "articles/azure-relay/.openpublishing.redirection.relay.json",
 
@@ -6053,6 +6053,11 @@
       "redirect_url": "/azure/azure-databricks/databricks-extract-load-sql-data-warehouse",
       "redirect_document_id": false
     },
+    {
+      "source_path_from_root": "/articles/storage/blobs/data-lake-storage-supported-blob-storage-features.md",
+      "redirect_url": "/azure/storage/blobs/storage-feature-support-in-storage-accounts",
+      "redirect_document_id": false
+    },
     {
       "source_path_from_root": "/articles/app-service/app-service-export-api-to-powerapps-and-flow.md",
       "redirect_url": "/azure/azure-functions/app-service-export-api-to-powerapps-and-flow",
 
@@ -0,0 +1,40 @@
+{
+    "redirections": [
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-browse-partners.md",
+            "redirect_url": "/azure/synapse-analytics/partner/browse-partners",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-business-intelligence.md",
+            "redirect_url": "/azure/synapse-analytics/partner/business-intelligence",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-compatibility-issues.md",
+            "redirect_url": "/azure/synapse-analytics/partner/compatibility-issues",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-data-integration.md",
+            "redirect_url": "/azure/synapse-analytics/partner/data-integration",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-data-management.md",
+            "redirect_url": "/azure/synapse-analytics/partner/data-management",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-machine-learning-ai.md",
+            "redirect_url": "/azure/synapse-analytics/partner/machine-learning-ai",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/synapse-analytics/sql-data-warehouse/sql-data-warehouse-partner-system-integration.md",
+            "redirect_url": "/azure/synapse-analytics/partner/system-integration",
+            "redirect_document_id": false
+        }
+
+    ]
+}
@@ -143,11 +143,11 @@ CLIENT_SECRET = "xxxxxxxxxxxxxxxxxxxxxxxx" # Placeholder - for use ONLY during t
        WARNING: This is a development server. Do not use it in a production deployment.
        Use a production WSGI server instead.
      * Debug mode: off
-     * Running on http://localhost:5000/ (Press CTRL+C to quit)
+     * Running on `http://localhost:5000/` (Press CTRL+C to quit)
     ```
 
  
-1. To view the web application running on your local machine, go to [http://localhost:5000](http://localhost:5000). 
+1. To view the web application running on your local machine, go to `http://localhost:5000`. 
 
 1. Select **Sign In**.
 
@@ -197,7 +197,7 @@ Open the *app_config.py* file. This file contains information about your Azure A
 
 |Key  |Value  |
 |---------|---------|
-|`ENDPOINT`| The URI of your web API (for example, https://localhost:44332/hello).|
+|`ENDPOINT`| The URI of your web API (for example, `https://localhost:44332/hello`).|
 |`SCOPE`| The web API [scopes](#step-62-configure-scopes) that you created.|
 | | |
 
@@ -243,5 +243,4 @@ You can add and modify redirect URIs in your registered applications at any time
 * The reply URL is case-sensitive. Its case must match the case of the URL path of your running application. 
 
 ## Next steps
-
 * Learn how to [Configure authentication options in a Python web app by using Azure AD B2C](enable-authentication-python-web-app-options.md).
@@ -130,7 +130,7 @@ Your final configuration file should look like the following JSON:
 ## Step 5: Run the sample web app
 
 1. Build and run the project.
-1. Go to [https://localhost:5001](https://localhost:5001). 
+1. Go to `https://localhost:5001`. 
 1. Select **Sign Up/In**.
 
     ![Screenshot of the "Sign Up/In" button on the project Welcome page.](./media/configure-authentication-sample-web-app/web-app-sign-in.png)
@@ -153,4 +153,4 @@ You can add and modify redirect URIs in your registered applications at any time
 ## Next steps
 
 * Learn more about the [code sample](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/1-WebApp-OIDC/1-5-B2C#about-the-code).
-* Learn how to [Enable authentication in your own web app by using Azure AD B2C](enable-authentication-web-application.md).
+* Learn how to [Enable authentication in your own web app by using Azure AD B2C](enable-authentication-web-application.md).
@@ -275,12 +275,11 @@ The required information is described in the [Configure authentication in a samp
 ## Step 7: Run your application
 
 1. Build and run the project.
-1. Go to [https://localhost:5001](https://localhost:5001). 
+1. Go to `https://localhost:5001`. 
 1. Select **Sign Up/In**.
 1. Complete the sign-up or sign-in process.
 
 After you're successfully authenticated, you'll see your display name in the navigation bar. To view the claims that the Azure AD B2C token returns to your app, select **Claims**.
 
 ## Next steps
-
-* Learn how to [customize and enhance the Azure AD B2C authentication experience for your web app](enable-authentication-web-application-options.md).
+* Learn how to [customize and enhance the Azure AD B2C authentication experience for your web app](enable-authentication-web-application-options.md).
@@ -34,7 +34,7 @@ Azure Active Directory B2C (Azure AD B2C) provides cloud identity management to
 ## Run the application in Visual Studio
 
 1. In the sample application project folder, open the **active-directory-b2c-wpf.sln** solution in Visual Studio.
-2. [Restore the NuGet packages](/nuget/consume-packages/package-restore.md).
+2. [Restore the NuGet packages](/nuget/consume-packages/package-restore).
 3. Press **F5** to debug the application.
 
 ## Sign in using your account
 
@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: develop
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 8/16/2021
+ms.date: 09/03/2021
 ms.author: ryanwi
 ms.reviewer: paulgarn, hirsin
 ms.custom: aaddev
@@ -40,7 +40,6 @@ How your application handles key rollover depends on variables such as the type
 * [Web applications protecting resources and created with Visual Studio 2013](#vs2013)
 * Web APIs protecting resources and created with Visual Studio 2013
 * [Web applications protecting resources and created with Visual Studio 2012](#vs2012)
-* [Web applications protecting resources and created with Visual Studio 2010, 2008 o using Windows Identity Foundation](#vs2010)
 * [Web applications / APIs protecting resources using any other libraries or manually implementing any of the supported protocols](#other)
 
 This guidance is **not** applicable for:
@@ -284,20 +283,6 @@ Follow the steps below to verify that the key rollover logic is working.
 2. In the **\<add thumbprint="">** setting, change the thumbprint value by replacing any character with a different one. Save the **Web.config** file.
 3. Build the application, and then run it. If you can complete the sign-in process, your application is successfully updating the key by downloading the required information from your directory’s federation metadata document. If you are having issues signing in, ensure the changes in your application are correct by reading the [Adding Sign-On to Your Web Application Using Microsoft identity platform](https://github.com/Azure-Samples/active-directory-dotnet-webapp-openidconnect) article, or downloading and inspecting the following code sample: [Multi-Tenant Cloud Application for Azure Active Directory](https://code.msdn.microsoft.com/multi-tenant-cloud-8015b84b).
 
-### <a name="vs2010"></a>Web applications protecting resources and created with Visual Studio 2008 or 2010 and Windows Identity Foundation (WIF) v1.0 for .NET 3.5
-If you built an application on WIF v1.0, there is no provided mechanism to automatically refresh your application’s configuration to use a new key.
-
-* *Easiest way* Use the FedUtil tooling included in the WIF SDK, which can retrieve the latest metadata document and update your configuration.
-* Update your application to .NET 4.5, which includes the newest version of WIF located in the System namespace. You can then use the [Validating Issuer Name Registry (VINR)](/previous-versions/dotnet/framework/windows-identity-foundation/validating-issuer-name-registry) to perform automatic updates of the application’s configuration.
-* Perform a manual rollover as per the instructions at the end of this guidance document.
-
-Instructions to use the FedUtil to update your configuration:
-
-1. Verify that you have the WIF v1.0 SDK installed on your development machine for Visual Studio 2008 or 2010. You can [download it from here](https://www.microsoft.com/download/details.aspx?id=17331) if you have not yet installed it.
-2. In Visual Studio, open the solution, and then right-click the applicable project and select **Update federation metadata**. If this option is not available, FedUtil and/or the WIF v1.0 SDK has not been installed.
-3. From the prompt, select **Update** to begin updating your federation metadata. If you have access to the server environment where the application is hosted, you can optionally use FedUtil’s [automatic metadata update scheduler](/previous-versions/windows-identity-foundation/ee517272(v=msdn.10)).
-4. Click **Finish** to complete the update process.
-
 ### <a name="other"></a>Web applications / APIs protecting resources using any other libraries or manually implementing any of the supported protocols
 If you are using some other library or manually implemented any of the supported protocols, you'll need to review the library or your implementation to ensure that the key is being retrieved from either the OpenID Connect discovery document or the federation metadata document. One way to check for this is to do a search in your code or the library's code for any calls out to either the OpenID discovery document or the federation metadata document.
 
 
@@ -39,9 +39,9 @@ Create two or more emergency access accounts. These accounts should be cloud-onl
 When configuring these accounts, the following requirements must be met:
 
 - The emergency access accounts should not be associated with any individual user in the organization. Make sure that your accounts are not connected with any employee-supplied mobile phones, hardware tokens that travel with individual employees, or other employee-specific credentials. This precaution covers instances where an individual employee is unreachable when the credential is needed. It is important to ensure that any registered devices are kept in a known, secure location that has multiple means of communicating with Azure AD.
-- The authentication mechanism used for an emergency access account should be distinct from that used by your other administrative accounts, including other emergency access accounts.  For example, if your normal administrator sign-in is via on-premises MFA, then Azure AD MFA would be a different mechanism.  However if Azure AD MFA is your primary part of authentication for your administrative accounts, then consider a different approach for these, such as using Conditional Access with a third-party MFA provider via Custom controls.
+- Use strong authentication for your emergency access accounts and make sure it doesn’t use the same authentication methods as your other administrative accounts. For example, if your normal administrator account uses the Microsoft Authenticator app for strong authentication, use a FIDO2 security key for your emergency accounts. Consider the [dependencies of various authentication methods](../fundamentals/resilience-in-credentials.md), to avoid adding external requirements into the authentication process.
 - The device or credential must not expire or be in scope of automated cleanup due to lack of use.  
-- You should make the Global Administrator role assignment permanent for your emergency access accounts. 
+- In Azure AD Privileged Identity Management, you should make the Global Administrator role assignment permanent rather than eligible for your emergency access accounts. 
 
 ### Exclude at least one account from phone-based multi-factor authentication
 
@@ -51,11 +51,11 @@ However, at least one of your emergency access accounts should not have the same
 
 ### Exclude at least one account from Conditional Access policies
 
-During an emergency, you do not want a policy to potentially block your access to fix an issue. At least one emergency access account should be excluded from all Conditional Access policies.
+During an emergency, you do not want a policy to potentially block your access to fix an issue. If you use Conditional Access, at least one emergency access account needs to be excluded from all Conditional Access policies.
 
 ## Federation guidance
 
-Some organizations use AD Domain Services and ADFS or similar identity provider to federate to Azure AD. [There should be no on-premises accounts with administrative privileges](../fundamentals/protect-m365-from-on-premises-attacks.md). Mastering and or sourcing authentication for  accounts with administrative privilege outside Azure AD adds unnecessary risk in the event of an outage or compromise of those system(s).
+Some organizations use AD Domain Services and AD FS or similar identity provider to federate to Azure AD. The emergency access for on-premises systems and the emergency access for cloud services should be kept distinct, with no dependency of one on the other. Mastering and or sourcing authentication for accounts with emergency access privileges from other systems adds unnecessary risk in the event of an outage of those system(s).
 
 ## Store account credentials safely
 
@@ -153,4 +153,4 @@ These steps should be performed at regular intervals and for key changes:
 - [Sign up for Azure AD Premium](../fundamentals/active-directory-get-started-premium.md), if you haven’t signed up already
 - [How to require two-step verification for a user](../authentication/howto-mfa-userstates.md)
 - [Configure additional protections for Global Administrators in Microsoft 365](/office365/enterprise/protect-your-global-administrator-accounts), if you are using Microsoft 365
-- [Start an access review of Global Administrators](../privileged-identity-management/pim-how-to-start-security-review.md) and [transition existing Global Administrators to more specific administrator roles](permissions-reference.md)
+- [Start an access review of Global Administrators](../privileged-identity-management/pim-how-to-start-security-review.md) and [transition existing Global Administrators to more specific administrator roles](permissions-reference.md)
@@ -0,0 +1,74 @@
+---
+title: Form Recognizer image tags and release notes
+titleSuffix: Azure Applied AI Services
+description: A listing of all Form Recognizer container image tags.
+author: laujan
+manager: nitinme
+ms.service: applied-ai-services
+ms.subservice: forms-recognizer
+ms.topic: reference
+ms.date: 09/02/2021
+ms.author: lajanuar
+keywords: Docker, container, images
+---
+
+# Form Recognizer container image tags and release notes
+
+> [!IMPORTANT]
+>
+> * **Form Recognizer v2.1 containers** are in gated preview. To use them, you must submit an [online request](https://customervoice.microsoft.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR7en2Ais5pxKtso_Pz4b1_xUNlpBU1lFSjJUMFhKNzVHUUVLN1NIOEZETiQlQCN0PWcu), and receive approval. 
+>
+> * The online request form requires that you provide a valid email address that belongs to the organization that owns the Azure subscription ID and that you have or have been granted access to that subscription.
+
+## Feature containers
+
+Form Recognizer features are supported by seven containers:
+
+| Container name | Fully qualified image name |
+|---|---|
+| **Layout** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/layout |
+| **Business Card** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/businesscard |
+| **ID Document** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/id-document |
+| **Receipt** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/receipt |
+| **Invoice** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/invoice |
+| **Custom API** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/custom-api |
+| **Custom Supervised** | mcr.microsoft.com/azure-cognitive-services/form-recognizer/custom-supervised |
+
+## Microsoft container registry
+
+Form Recognizer container images can be found on the Microsoft Container Registry **mcr.microsoft.** **<span></span>com** container registry syndicate, the primary registry for all Microsoft Published Docker images.
+
+* The discovery experience for MCR is provided through [docker hub](https://hub.docker.com/publishers/microsoftowner).
+
+* You can also query [the list of repositories within mcr](https://mcr.microsoft.com/v2/_catalog).
+
+## Form Recognizer tags
+
+The following tags are available for Form Recognizer:
+
+### [Latest version](#tab/current)
+
+Release notes for `v2.1` (gated preview):
+
+| Container | Tags |
+|------------|:------|
+| **Layout**| &bullet; `latest` </br> &bullet; `2.1-preview` </br> &bullet; `2.1.0.016140001-08108749-amd64-preview`|
+| **Business Card** | &bullet; `latest` </br> &bullet; `2.1-preview` </br> &bullet; `2.1.016190001-amd64-preview`  </br> &bullet; `2.1.016320001-amd64-preview`  |
+| **ID Document** | &bullet; `latest` </br> &bullet; `2.1-preview`</br>&bullet; `2.1.016190001-amd64-preview`</br>&bullet; `2.1.016320001-amd64-preview` |
+| **Receipt**| &bullet; `latest` </br> &bullet; `2.1-preview`</br>&bullet; `2.1.016190001-amd64-preview`</br>&bullet; `2.1.016320001-amd64-preview` |
+| **Invoice**| &bullet; `latest` </br> &bullet; `2.1-preview`</br>&bullet; `2.1.016190001-amd64-preview`</br>&bullet; `2.1.016320001-amd64-preview` |
+| **Custom API** | &bullet; `latest` </br> &bullet;`2.1-distroless-20210622013115034-0cc5fcf6`</br>&bullet; `2.1-preview`|
+| **Custom Supervised**| &bullet; `latest` </br> &bullet; `2.1-distroless-20210622013149174-0cc5fcf6`</br>&bullet; `2.1-preview`|
+
+### [Previous versions](#tab/previous)
+
+> [!IMPORTANT]
+> The Form Recognizer v1.0 container has been retired.
+
+---
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [Install and run Form Recognizer containers](form-recognizer-container-install-run.md)
+>