Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr into title3

Author: cherylmc

articles/active-directory/active-directory-application-proxy-conditional-access.md

@@ -1,5 +1,5 @@
 ---
-title: Conditional Access for Applications Published with Azure AD Application Proxy
+title: Conditional access to on-prem apps - Azure AD | Microsoft Docs
 description: Covers how to set up conditional access for applications you publish to be accessed remotely using Azure AD Application Proxy.
 services: active-directory
 documentationcenter: ''
@@ -13,11 +13,11 @@ ms.workload: identity
 ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: article
-ms.date: 06/22/2016
+ms.date: 01/23/2017
 ms.author: kgremban
 
 ---
-# Working with conditional access
+# Working with conditional access in Azure AD Application Proxy
 You can configure access rules to grant conditional access to applications published using Application Proxy. This enables you to:
 
 * Require multi-factor authentication per application
@@ -40,11 +40,11 @@ Access rules are evaluated when a user accesses a federated application that use
 3. Click **Applications** and scroll down to the **Access Rules** section. The access rules section only appears for applications published using Application Proxy that use federated authentication.
 4. Enable the rule by selecting **Enable Access Rules** to **On**.
 5. Specify the users and groups to whom the rules will apply. Use the **Add Group** button  to select one or more groups to which the access rule will apply. This dialog can also be used to remove selected groups.  When the rules are selected to apply to groups, the access rules will only be enforced for users that belong to one of the specified security groups.  
-   
+
    * To explicitly exclude security groups from the rule, check **Except**  and specify one or more groups. Users who are members of a group in the Except list will not be required to perform multi-factor authentication.  
    * If a user was configured using the per-user multi-factor authentication feature, this setting will take precedence over the application multi-factor authentication rules. This means that a user who has been configured for per-user multi-factor authentication will be required to perform multi-factor authentication even if they have been exempted from the application's multi-factor authentication rules. Learn more about [multi-factor authentication and per-user settings](../multi-factor-authentication/multi-factor-authentication.md).
 6. Select the access rule you want to set:
-   
+
    * **Require Multi-factor authentication**: Users to whom access rules apply will be required to complete multi-factor authentication before accessing the application to which the rule applies.
    * **Require Multi-factor authentication when not at work**: Users trying to access the application from a trusted IP address will not be required to perform multi-factor authentication. The trusted IP address ranges can be configured on the multi-factor authentication settings page.
    * **Block access when not at work**: Users trying to access the application from outside your corporate network will not be able to access the application.
@@ -63,4 +63,3 @@ In addition to setting this flag, the federated tenant AD FS instance must be co
 * [Publish applications using your own domain name](active-directory-application-proxy-custom-domains.md)
 
 For the latest news and updates, check out the [Application Proxy blog](http://blogs.technet.com/b/applicationproxyblog/)
-

articles/active-directory/active-directory-application-proxy-native-client.md

@@ -1,5 +1,5 @@
 ---
-title: How to enable publishing of native client apps with proxy applications | Microsoft Docs
+title: Publish native client apps - Azure AD | Microsoft Docs
 description: Covers how to enable native client apps to communicate with Azure AD Application Proxy Connector to provide secure remote access to your on-premises apps.
 services: active-directory
 documentationcenter: ''
@@ -13,7 +13,7 @@ ms.workload: identity
 ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: article
-ms.date: 06/22/2016
+ms.date: 01/23/2017
 ms.author: kgremban
 
 ---
@@ -80,4 +80,3 @@ For more information about the native application flow, see [Native application
 * [Enable single-sign on](active-directory-application-proxy-sso-using-kcd.md)
 
 For the latest news and updates, check out the [Application Proxy blog](http://blogs.technet.com/b/applicationproxyblog/)
-

articles/active-directory/role-based-access-built-in-roles.md

@@ -1,5 +1,5 @@
 ---
-title: 'RBAC: Built-in Roles | Microsoft Docs'
+title: Actions and NotActions - roles in Azure RBAC | Microsoft Docs
 description: This topic describes the built in roles for role-based access control (RBAC).
 services: active-directory
 documentationcenter: ''
@@ -13,7 +13,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 08/25/2016
+ms.date: 01/23/2017
 ms.author: kgremban
 
 ---
@@ -25,8 +25,8 @@ The following table provides brief descriptions of the built-in roles. Click the
 
 > [!NOTE]
 > The Azure role definitions are constantly evolving. This article is kept as up to date as possible, but you can always find the latest roles definitions in Azure PowerShell. Use the cmdlets `(get-azurermroledefinition "<role name>").actions` or `(get-azurermroledefinition "<role name>").notactions` as applicable.
-> 
-> 
+>
+>
 
 | Role name | Description |
 | --- | --- |
@@ -549,4 +549,3 @@ Can manage websites but not the web plans to which they are connected
 * [Custom roles in Azure RBAC](role-based-access-control-custom-roles.md): Learn how to create custom roles to fit your access needs.
 * [Create an access change history report](role-based-access-control-access-change-history-report.md): Keep track of changing role assignments in RBAC.
 * [Role-Based Access Control troubleshooting](role-based-access-control-troubleshooting.md): Get suggestions for fixing common issues.
-

articles/active-directory/role-based-access-control-custom-roles.md

@@ -1,10 +1,10 @@
 ---
-title: Custom Roles in Azure RBAC | Microsoft Docs
+title: Create custom roles for Azure RBAC | Microsoft Docs
 description: Learn how to define custom roles with Azure Role-Based Access Control for more precise identity management in your Azure subscription.
 services: active-directory
 documentationcenter: ''
 author: kgremban
-manager: kgremban
+manager: femila
 editor: ''
 
 ms.assetid: e4206ea9-52c3-47ee-af29-f6eef7566fa5
@@ -13,7 +13,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 07/25/2016
+ms.date: 01/23/2017
 ms.author: kgremban
 
 ---
@@ -81,8 +81,8 @@ Use the **NotActions** property if the set of operations that you wish to allow
 
 > [!NOTE]
 > If a user is assigned a role that excludes an operation in **NotActions**, and is assigned a second role that grants access to the same operation, the user will be allowed to perform that operation. **NotActions** is not a deny rule – it is simply a convenient way to create a set of allowed operations when specific operations need to be excluded.
-> 
-> 
+>
+>
 
 ## AssignableScopes
 The **AssignableScopes** property of the custom role specifies the scopes (subscriptions, resource groups, or resources) within which the custom role is available for assignment. You can make the custom role available for assignment in only the subscriptions or resource groups that require it, and not clutter user experience for the rest of the subscriptions or resource groups.
@@ -95,8 +95,8 @@ Examples of valid assignable scopes include:
 
 > [!NOTE]
 > You must use at least one subscription, resource group, or resource ID.
-> 
-> 
+>
+>
 
 ## Custom roles access control
 The **AssignableScopes** property of the custom role also controls who can view, modify, and delete the role.
@@ -116,4 +116,3 @@ The **AssignableScopes** property of the custom role also controls who can view,
   * [Azure CLI](role-based-access-control-manage-access-azure-cli.md)
   * [REST API](role-based-access-control-manage-access-rest.md)
 * [Built-in roles](role-based-access-built-in-roles.md): Get details about the roles that come standard in RBAC.
-

articles/active-directory/role-based-access-control-what-is.md

@@ -1,5 +1,5 @@
 ---
-title: Role-Based Access Control | Microsoft Docs
+title: Manage access and permissions with roles - Azure RBAC | Microsoft Docs
 description: Get started in access management with Azure role-based access control in the Azure Portal. Use role assignments to assign permissions in your directory.
 services: active-directory
 documentationcenter: ''
@@ -13,7 +13,7 @@ ms.devlang: na
 ms.topic: article
 ms.tgt_pltfrm: na
 ms.workload: identity
-ms.date: 08/03/2016
+ms.date: 01/23/2017
 ms.author: kgremban
 
 ---
@@ -64,4 +64,3 @@ Azure RBAC only supports management operations of the Azure resources in the Azu
 * Get started with [Role-Based Access Control in the Azure portal](role-based-access-control-configure.md).
 * See the [RBAC built-in roles](role-based-access-built-in-roles.md)
 * Define your own [Custom roles in Azure RBAC](role-based-access-control-custom-roles.md)
-

articles/app-service-web/web-sites-dotnet-rest-service-aspnet-api-sql-database.md

@@ -1,5 +1,5 @@
 ---
-title: Create a REST service using ASP.NET Web API and SQL Database in Azure App Service
+title: Create a REST API in Azure with ASP.NET and SQL DB | Microsoft Docs
 description: A tutorial that teaches you how to deploy an app that uses the ASP.NET Web API to an Azure web app by using Visual Studio.
 services: app-service\web
 documentationcenter: .net

articles/azure-resource-manager/best-practices-resource-manager-design-templates.md

@@ -1,6 +1,6 @@
 ---
-title: Patterns for Resource Manager templates | Microsoft Docs
-description: Show design patterns for Azure Resource Manager templates
+title: Design Azure templates for complex solutions | Microsoft Docs
+description: Shows best practices for designing Azure Resource Manager templates for complex scenarios
 services: azure-resource-manager
 documentationcenter: ''
 author: tfitzmac
@@ -17,7 +17,7 @@ ms.date: 12/19/2016
 ms.author: tomfitz
 
 ---
-# Patterns for designing Azure Resource Manager templates
+# Design patterns for Azure Resource Manager templates when deploying complex solutions
 Using a flexible approach based on Azure Resource Manager templates, you can deploy complex topologies quickly and consistently. You can adapt these deployments easily as core offerings evolve or to accommodate variants for outlier scenarios or customers.
 
 This topic is part of a larger whitepaper. To read the full paper, download [World Class Azure Resource Manager Templates Considerations and Proven Practices](http://download.microsoft.com/download/8/E/1/8E1DBEFA-CECE-4DC9-A813-93520A5D7CFE/World Class ARM Templates - Considerations and Proven Practices.pdf).

articles/azure-resource-manager/best-practices-resource-manager-state.md

@@ -1,6 +1,6 @@
 ---
-title: Handling State in Resource Manager Templates | Microsoft Docs
-description: Shows recommended approaches for using complex objects to share state data with Azure Resource Manager templates and linked templates
+title: Pass complex values between Azure templates | Microsoft Docs
+description: Shows recommended approaches for using complex objects to share state data with Azure Resource Manager templates and linked templates.
 services: azure-resource-manager
 documentationcenter: ''
 author: tfitzmac
@@ -17,7 +17,7 @@ ms.date: 10/26/2016
 ms.author: tomfitz
 
 ---
-# Sharing state in Azure Resource Manager templates
+# Share state to and from Azure Resource Manager templates
 This topic shows best practices for managing and sharing state within templates. The parameters and variables shown in this topic are examples of the type of objects you can define to conveniently organize your deployment requirements. From these examples, you can implement your own objects with property values that make sense for your environment.
 
 This topic is part of a larger whitepaper. To read the full paper, download [World Class Resource Manager Templates Considerations and Proven Practices](http://download.microsoft.com/download/8/E/1/8E1DBEFA-CECE-4DC9-A813-93520A5D7CFE/World Class ARM Templates - Considerations and Proven Practices.pdf).

articles/azure-resource-manager/powershell-azure-resource-manager.md

@@ -1,6 +1,6 @@
 ---
-title: Azure PowerShell with Resource Manager | Microsoft Docs
-description: Introduction to using Azure PowerShell to deploy multiple resources as a resource group to Azure.
+title: Manage Azure solutions with PowerShell | Microsoft Docs
+description: Use Azure PowerShell and Resource Manager to manage your resources.
 services: azure-resource-manager
 documentationcenter: ''
 author: tfitzmac
@@ -17,7 +17,7 @@ ms.date: 12/05/2016
 ms.author: tomfitz
 
 ---
-# Manage Azure resources with PowerShell and Resource Manager
+# Manage resources with Azure PowerShell and Resource Manager
 > [!div class="op_single_selector"]
 > * [Portal](resource-group-portal.md)
 > * [Azure CLI](xplat-cli-azure-resource-manager.md)

articles/azure-resource-manager/resource-group-audit.md

@@ -1,6 +1,6 @@
 ---
-title: Activity logs to manage Azure resources | Microsoft Docs
-description: Use the activity log in Resource Manager to review user actions and errors. Shows Azure Portal PowerShell, Azure CLI, and REST.
+title: View Azure activity logs to monitor resources | Microsoft Docs
+description: Use the activity logs to review user actions and errors. Shows Azure Portal PowerShell, Azure CLI, and REST.
 services: azure-resource-manager
 documentationcenter: ''
 author: tfitzmac
@@ -17,7 +17,7 @@ ms.date: 01/09/2017
 ms.author: tomfitz
 
 ---
-# View activity logs to manage Azure resources
+# View activity logs to audit actions on resources
 Through activity logs, you can determine:
 
 * what operations were taken on the resources in your subscription