Merging pending updates from main to live (SharePoint#9142)

* Update multigeo-managedmetadata.md

* Update multigeo-managedmetadata.md

* Changed on to one

Fixed spelling

* Update release-1.18.md

* Update multigeo-managedmetadata.md

Fix spelling errors, fix msdoc format error

* Update security-webapppolicies.md

- fixing doc timestamp for when updated
- fixing work choice issues

* Update connect-to-sharepoint.md (SharePoint#9141)

Fixing SharePoint#9138 and SharePoint#9108 to fix the code.

---------

Co-authored-by: slowsmokeyjoe <[email protected]>
Co-authored-by: sguitardude <[email protected]>
Co-authored-by: Andrew Connell <[email protected]>

Author: 4 people

docs/solution-guidance/multigeo-managedmetadata.md

@@ -9,32 +9,30 @@ ms.localizationpriority: medium
 
 Managed metadata in SharePoint is Multi-Geo-aware. This article describes how to manage metadata in a SharePoint Multi-Geo tenant.
 
-The managed metadata that you define for the default geo ___location of a Multi-Geo tenant automatically replicates to the tenant's satellite locations. Managed metadata that you define for a satellite geo ___location is only available to the sites that are hosted in that geo ___location.
+The managed metadata that you define for the default geo ___location of a Multi-Geo tenant automatically replicates to the tenant's satellite locations. Managed metadata that you define for satellite geolocation is only available to the sites that are hosted in that geo-___location.
 
-In the example shown in the following image, the term groups TGMain1 and TGMain2 were created in the default geo ___location and are replicated to all satellite geo locations. As a result, those terms are available to all locations in the Multi-Geo tenant. 
+In the example shown in the following image, the term groups TGMain1 and TGMain2 were created in the default geolocation and are replicated to all satellite geo-locations. As a result, those terms are available to all locations in the Multi-Geo tenant. 
 
-Term set synchronization is one way from the default to the satellite geo locations. Term sets created in a satellite ___location do not sync to the default or other satellite geo locations. For example, term sets created in TGEurope1 are only available to sites hosted in Europe.
+Term set synchronization is one way from the default to the satellite geo-locations. Term sets created in a satellite ___location do not sync to the default or other satellite geo-locations. For example, term sets created in TGEurope1 are only available to sites hosted in Europe.
 
 ![world map showing a Mutli-Geo tenant with the default geo ___location in North America and satellite geo locations in Europe and Asia, and term groups syncing from the default to the satellite geo locations](media/multigeo/multigeomanagedmetadata_intro.png)
 
 The following are important points to know about managed metadata in Multi-Geo tenants:
 
-- Replication from the default geo ___location to any satellite geo ___location is **one way**. Users can't update  replicated term sets in satellite geo locations, but administrators can. However, we don't recommend this because it results in having additional term sets and terms available in that satellite geo ___location. 
-
-- Create term groups, term sets, and terms in the default geo ___location. This ensures that they are consistently available across all the geo locations in your tenant. 
-
-- When term groups, term sets, and terms are replicated across geo locations, they retain their ID. This allows you to reference term groups, term sets, and terms based on ID, regardless of the geo ___location your code is running in.
-
-- For term sets and terms to be replicated across geo locations, they need to be set as Available for Tagging.
-
+- Replication from the default geolocation to any satellite geolocation is **one way**. Users can't update  replicated term sets in satellite geo locations, but administrators can. However, we don't recommend this because it results in having additional term sets and terms available in that satellite geo ___location. 
+- Create term groups, term sets, and terms in the default geo ___location. This ensures that they are consistently available across all the geo-locations in your tenant. 
+- When term groups, term sets, and terms are replicated across geo-locations, they retain their ID. This allows you to reference term groups, term sets, and terms based on ID, regardless of the geo-___location your code is running in.
+- For term sets and terms to be replicated across geo-locations, they need to be set as Available for Tagging.
 - The incremental replication process runs hourly. The full replication job runs every three days. 
-
 - When you programmatically create a term set in the default geo ___location, that term set is automatically replicated. You don't have to make any changes to the APIs. 
-
-- In some cases, you might want a term group, term set, or terms to be available only in a satellite ___location, for example, a term that relates to a confidential project that applies to a specific geo ___location. In that case, you can choose to create the relevant terms in the applicable geo ___location. 
-
+- In some cases, you might want a term group, term set, or terms to be available only in a satellite ___location, for example, a term that relates to a confidential project that applies to a specific geolocation. In that case, you can choose to create the relevant terms in the applicable geo-___location. 
 - If you want the term group to be available only in the default ___location, use the `Set-SPOTenantTaxonomyReplicationParameters` PowerShell cmdlet to explicitly specify which term groups from the default ___location are replicated. This cmdlet is part of the [SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588).
 
+> [!NOTE]
+> In a multi-geo scenario, there are protected or special term sets within the term store space that will not be replicated, nor will anything under them be replicated. Those groups are:
+> - People
+> - Search Dictionaries
+> - System
 
 ## See also
 

docs/solution-guidance/security-webapppolicies.md

@@ -1,7 +1,7 @@
 ---
 title: Alternative model for web app policies in SharePoint Online
 description: Web app policies are a concept that allows SharePoint administrators to either grant or deny permissions to users and groups for all sites under a web application. These permission grants and denies take preference over the permissions set at the sites in the web application and therefore are a mechanism typically used in multiple scenarios.
-ms.date: 12/14/2020
+ms.date: 8/10/2023
 ms.prod: sharepoint
 author: vesajuvonen
 ms.author: vesaj
@@ -17,7 +17,7 @@ Web app policies are a concept that allows SharePoint administrators to either g
 - Grant support team read-only access to all sites so the support engineer can walk through the site with the end user
 - Deny users (e.g. after leaving the company) access to all content
 
-Web application policies do not exist anymore in SharePoint Online and there’s no identical alternative implementation possible, however by using the existing SharePoint security model you can achieve similar results. In this article and video you’ll learn more about this.
+Web application policies do not exist anymore in SharePoint Online and there’s no identical alternative implementation possible, however by using the existing SharePoint security model you can achieve similar results. In this article and video, you’ll learn more about this.
 
 > [!Video https://www.youtube.com/embed/zcmngkgQdTU]
 
@@ -28,11 +28,11 @@ Web application policies do not exist anymore in SharePoint Online and there’s
 Before starting to implement permissions grants it’s important to understand why a grant was needed. Questions to ask yourselves are:
 
 - Is granting access to **all** data in your SharePoint Online tenant necessary? Push back and verify that the access to **all** data is an absolute must to support a business scenario
-- Is the “one” using the granted permission an application or a user? If it’s an application then it might be possible to work with an app principal having SharePoint Online tenant wide permissions, especially if this is an inhouse developed application
+- Is the “one” using the granted permission an application or a user? If it’s an application then it might be possible to work with an app principal having SharePoint Online tenant-wide permissions, especially if this is an in-house developed application
 
-Below flowchart is capturing these questions:
+The below flowchart is capturing these questions:
 
-![Flowchart showing logic to determine app only policy or not](media/webapppolicies/flowchart1.png)
+![Flowchart showing logic to determine app-only policy or not](media/webapppolicies/flowchart1.png)
 
 > [!IMPORTANT]
 > Only in the case the granted access will be consumed by a user or an application that is not compatible with app principals should you grant access via users or groups. If possible, prefer app principals above users and groups because:
@@ -75,7 +75,7 @@ You can achieve the same result by either granting the permissions to a user or
 
 | Category     | Group                                                                                                                                              | User                                                                                                     |
 | :----------- | :------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------- |
-| Clarity      | A group can contain on or more accounts, typically not visible to the other site collection administrators                                         | User account is always visible, there’s no doubt about it                                                |
+| Clarity      | A group can contain one or more accounts, typically not visible to the other site collection administrators                                         | User account is always visible, there’s no doubt about it                                                |
 | Maintenance  | You can easily grant access by adding new members to the group                                                                                     | New members must be added to all sites                                                                   |
 | Tamper proof | A group can shield the actual accounts having access (e.g. legal account) and other admins are less likely to remove the permissions for the group | There’s full transparency, other admins might be more likely to remove the “weird” users from their site |
 
@@ -84,23 +84,23 @@ You can achieve the same result by either granting the permissions to a user or
 
 #### What about modern team sites (a.k.a. group sites)?
 
-Modern team sites are SharePoint team sites which are connected to a Microsoft 365 group. This Microsoft 365 group acts as a central model for granting access to all the services on top of that group (e.g. SharePoint Site, Exchange mailbox, Planner, …). For these sites, you do have 2 options for granting access:
+Modern team sites are SharePoint team sites that are connected to a Microsoft 365 group. This Microsoft 365 group acts as a central model for granting access to all the services on top of that group (e.g. SharePoint Site, Exchange mailbox, Planner, …). For these sites, you do have 2 options for granting access:
 
 - Add user accounts (no groups) to either the members or owners of the Microsoft 365 group connected to the modern team site. The advantage of this approach is that the granted permission applies to all services that use this group, but when evaluating web app policies this typically is not relevant
 - Treat the modern team site like a “normal” site and grant permission like described in earlier chapters
 
 > [!IMPORTANT]
-> We recommend granting permissions at SharePoint level, so treat the modern team sites like regular classic SharePoint team sites. This approach aligns with what the web application policies were providing.
+> We recommend granting permissions at the SharePoint level, so treat the modern team sites like regular classic SharePoint team sites. This approach aligns with what the web application policies were providing.
 
 #### Granting permissions using PnP PowerShell
 
-Below scripts show an easy way to grant access via using PnP PowerShell and they can be a good starting basis for your implementation. Below scripts do not take in account the following:
+The below scripts show an easy way to grant access via using PnP PowerShell and they can be a good starting basis for your implementation. The below scripts do not take in account the following:
 
 - Get-PnPTenantSite is currently not enumerating modern team sites
 - Get-PnPTenantSite is not Multi-Geo aware
 - Performance is not optimal since the scripts are sequentially running, there’s no parallel execution
 
-Since users continuously create new site collections it’s important to run these scripts on regular basis, ideally as a scheduled task.
+Since users continuously create new site collections it’s important to run these scripts on a regular basis, ideally as a scheduled task.
 
 [!INCLUDE [pnp-powershell](../../includes/snippets/open-source/pnp-powershell.md)]
 
@@ -113,7 +113,7 @@ To give users full control to specific (or all) SharePoint sites, you can use Sh
 It is recommended that access be added on an as-needed basis, and then removed. For example, the script below assigns a list of administrators to all site collections in a tenant. The example uses the [SharePoint Patterns and Practices (PnP) of PowerShell commands](https://aka.ms/sppnp-powershell) to make two users admins of all site collections in the tenant.
 
 ```PowerShell
-# comma separated list of users and groups to be added
+# comma-separated list of users and groups to be added
 $adminAccounts = "[email protected]","[email protected]"
 
 # Specify the tenant here

docs/spfx/release-1.18.md

@@ -6,13 +6,13 @@ ms.localizationpriority: high
 ---
 # SharePoint Framework v1.18 preview release notes
 
-This release
+This release focuses on new features within the Viva Connections side and evolving existing capabilities within the other areas on building Microsoft 365 solutions with SharePoint Framework.
 
 [!INCLUDE [spfx-release-beta](../../includes/snippets/spfx-release-beta.md)]
 
-beta.3 **Released**: August 1, 2023
-beta.2 **Released**: July 18, 2023
-beta.1 **Released**: June 28, 2023
+- beta.3 **Released**: August 1, 2023
+- beta.2 **Released**: July 18, 2023
+- beta.1 **Released**: June 28, 2023
 
 [!INCLUDE [spfx-release-notes-common](../../includes/snippets/spfx-release-notes-common.md)]
 
@@ -187,4 +187,4 @@ The default outline icon for Teams-hosted web parts is now transparent. This all
 
 We are interested on your feedback around the release. Please do let us know any findings or other feedback using the [SPFx issue list](https://github.com/SharePoint/sp-dev-docs/issues).
 
-Happy coding! Sharing is caring! 🧡
+Happy coding! Sharing is caring! 🧡

docs/spfx/web-parts/get-started/connect-to-sharepoint.md

@@ -207,8 +207,9 @@ Open the `HelloWorldWebPart` class.
       </ul>`;
       });
 
-      const listContainer: Element = this.domElement.querySelector('#spListContainer');
-      listContainer.innerHTML = html;
+      if(this.domElement.querySelector('#spListContainer') != null) {
+        this.domElement.querySelector('#spListContainer')!.innerHTML = html;
+      }
     }
     ```