Updated Feature name to "Limit user visibility for projects" (#2752)

* Updated Feature name to "Limit user visibility for projects"
AB#1811794: Limit user visibility for projects

* commit space change

* further updates to preview features.

* reformat

* small commit

* added first note on people-picker limits
AB#1805652: [Identity] Restrict results for identity picker/identity API based on org level restricted group membership [1778446]

* Clarifying the limitations on Identity selectors.
#AB1811795: About projects
AB#1805652: [Identity] Restrict results for identity picker/identity API based on org level restricted group membership [1778446]

* refresh build

* additional updates
AB#1805652, AB#1811795

* fixed broken links

* refinements

* fixed build warnings

* Acrolinx fixes

* replaced identity selector with people picker

* publish

* force build

* fix build problems

Author: KathrynEE

docs/boards/configure-customize.md

@@ -13,7 +13,7 @@ ms.date: 08/18/2020
 
 
 
-# Configure and customize Azure Boards 
+# Configure and customize Azure Boards  
 
 [!INCLUDE [temp](includes/version-vsts-only.md)]
 

docs/boards/queries/add-tags-to-work-items.md

@@ -226,7 +226,7 @@ Requires TFS 2015.1 or later version.
 ## Chart work items and group by tags
 
 > [!NOTE]   
-> You can't group a query-based chart by tags, however, you can group a **Chart for Work Items** widget by tags that you add to a dashboard.  
+> You can't group a query-based chart by tags, however, you can group a **Chart for Work Items** widget by tags that you add to a dashboard.    This feature is in public preview. To enable it, see [Manage or enable features](../../project/navigation/preview-features.md) and turn on **Enable group by tags for work item chart widget on dashboard**. 
 
 To group a **Chart for Work Items** widget by tags, perform the same steps provided in [Track progress with status and trend query-based charts, Add a chart widget to a dashboard](../../report/dashboards/charts.md#add-chart-widget). Make sure that your flat-list query contains **Tags** in the query clause or as a column option. Then, choose **Tags** for the **Group by** selection. To filter the chart to show only some tags, choose the **Selected tags** radio button and then choose the tags you want the chart to display.  
 

docs/boards/queries/query-by-workflow-changes.md

@@ -9,7 +9,7 @@ ms.author: kaelli
 author: KathrynEE
 ms.topic: sample
 monikerRange: '>= tfs-2013'
-ms.date: 03/10/2020  
+ms.date: 02/17/2021
 ---
 
 # Query by assignment or workflow changes
@@ -781,6 +781,23 @@ You can use the following fields to filter your queries or build reports. Some o
 
 3.  Indexed field. Enabling indexing for a field may increase the performance of finding work items whose queries specify that field. For on-premises server, use the [**witadmin indexfield** command](../../reference/witadmin/manage-work-item-fields.md) to change the index attribute for a field.  
 
+::: moniker-end
+ 
+
+### people picker 
+
+The **Assigned To** field is supported by the people picker feature. For example, when you choose the **Assigned To** field from within a work item form, the people picker is activated. As shown in the following image, you simply start typing the name of the user you want to select, and search until you find a match. Users that you've previously selected appear in the list automatically. To select users that you haven't selected previously, simply enter their entire name or search against the full directory.  
+ 
+> [!div class="mx-imgBorder"]  
+> ![Screenshot of people picker](../../notifications/media/at-mention/identity-selector.png)  
+
+For organizations that manage their users and groups using Azure Active Directory (Azure AD) or Active Directory, people pickers provide support for searching all users and groups added to the AD, not just those added to the project. 
+
+::: moniker range="azure-devops"
+
+To limit the scope of identities available for selection to just those users added to the project, you can do so using the **Project-Scoped Users** group. To learn how, see [Manage your project, Limit identity search and selection](../../user-guide/project-admin-tutorial.md#limit-identity-selection). 
+ 
+
 ::: moniker-end
 
 ::: moniker range=">= tfs-2015"

docs/notifications/at-mentions.md

@@ -10,16 +10,28 @@ ms.author: chcomley
 author: chcomley
 ms.topic: conceptual
 monikerRange: '>= tfs-2015'
-ms.date: 02/08/2021
----
+ms.date: 02/17/2021 
+--- 
 
 # Use @mentions in work items and pull requests
 
 [!INCLUDE [temp](../includes/version-ts-tfs-2015-2016.md)]
 
-The <strong>@mention</strong> control allows you to quickly add a user to a work item or pull request discussion. You can select a project member from the search list, so they're notified of your comment. 
+The **@mention** control allows you to quickly add a user or group to a work item or pull request discussion. Using the people picker of the **@mention** control, you can select a project member or group from the search list, and they'll receive an email notifying them of your comment. 
+
+::: moniker range="azure-devops"
+
+For organizations that manage their users and groups using Azure Active Directory (Azure AD), people pickers provide support for searching all users and groups added to Azure AD, not just those users and groups added to your project. To limit the set to project members and groups, see [Manage your project, Limit identity search and selection](../user-guide/project-admin-tutorial.md#limit-identity-selection).  
+
+::: moniker-end
+
+::: moniker range="< azure-devops"
+
+For organizations that manage their users and groups using Active Directory, people pickers provide support for searching all users and groups added to the Azure AD, not just those users and groups added to your project.  
+
+::: moniker-end
 
-Use the <strong>@mention</strong> control to start or continue a discussion within the following areas:
+Use the **@mention** control to start or continue a discussion within the following areas:
 
 ::: moniker range=">= azure-devops-2020"
 
@@ -54,40 +66,75 @@ Use the <strong>@mention</strong> control to start or continue a discussion with
 
 ::: moniker-end
 
-When you leave a code comment in a pull request, enter **\@** to trigger the **\@mention** identity picker. From the identity selector, you see a list of users you've recently mentioned. Choose a name or enter the name of the user you're looking for to do a directory search. 
+## Identity search selection
+
+When you leave a code comment in a pull request, enter **\@** to trigger the **\@mention** people picker. From the people picker, you see a list of users you've recently mentioned. Choose a name or enter the name of the user you're looking for to do a directory search. 
 
 > [!WARNING]
-> If you have permission to invite users to the organization, regardless of whether the "Restrict invitations" policy is disabled, you can @mention a user who isn't part of your organization. This action invites that user to your organization.
+> If you have permission to invite users to the organization, regardless of whether the **Restrict invitations** policy is disabled, you can **@mention** a user who isn't part of your organization. This action invites that user to your organization. To learn more, see [Restrict new user invitations from project and team administrators](../organizations/security/restrict-invitations.md). 
 
 To filter the list, enter the user name or alias until you've found a match.
-
-![Web portal, Pull Request, Type a user name or email alias to locate a match](media/at-mention-pr-type-name.png)  
+ 
+> [!div class="mx-imgBorder"]  
+> ![Screenshot of people picker](media/at-mention/identity-selector.png)  
 
 ::: moniker range=">= azure-devops-2020"
 
 You can also use group mentions. Enter the name of a team or a security group, choose :::image type="icon" source="../media/icons/search-icon.png" border="false"::: **Search**, and then select from the options listed.
 
-> [!NOTE]
-> For feature availability, check the [Feature Timeline](/azure/devops/release-notes/features-timeline).
-
 ::: moniker-end
 
 To **\@mention** a user you've never selected previously, just continue to enter the entire name to do your search against the full directory.  
 
 Names of mentioned users appear in blue text. Choose the **\@mention link name** to open the user's contact information. The contact information provides more context for why they were added to the conversation.  
 
+::: moniker range=">= azure-devops-2019"
+> [!div class="mx-imgBorder"]  
+> ![Screenshot of discussion section with at mention made.](media/at-mention/at-mention-discussion.png)  
+::: moniker-end
+
+::: moniker range="< azure-devops-2019"
 ![Web portal, At mention user contact information accessible](media/at-mention-link-to-user-contact-card.png)  
+::: moniker-end
 
-Upon completion of your selection and text entry, your <strong>@mention</strong> user receives an email alerting them about the mention.  
 
+> [!NOTE]
+> Don't copy/paste **\@mention** users from a previous comment. While the resulting formatting looks identical to a properly entered mention, it doesn't register as a true mention nor send an email notification.
+
+
+Upon completion of your selection and text entry, your **@mention** user receives an email alerting them about the mention.  
+
+::: moniker range=">= azure-devops-2019"
+> [!div class="mx-imgBorder"]  
+> ![Screenshot of Email sent in Outlook.](media/at-mention/at-mention-work-item.png)  
+::: moniker-end
+
+::: moniker range="< azure-devops-2019"
 ![Email sent to at-mention user organization](media/mail-to-at-mention-user.png)
+::: moniker-end
+
 
 Use the **\@mention** control in pull request discussions, commit comments, changeset comments, and shelveset comments.
 
-> [!NOTE]
-> Don't copy/paste **\@mention** users from a previous comment. While the resulting formatting looks identical to a properly entered mention, it doesn't register as a true mention nor send an email notification.
 
 
+::: moniker range="azure-devops"
+
+## Limited identities in search selection  
+
+In general, people pickers search and select any user or group added to an organization's Azure Active Directory (Azure AD). 
+
+For organizations that manage their users and groups using Azure Active Directory (Azure AD), people pickers provide support for searching users and groups added to the Azure AD. For organizations that want to limit the search and selection to just those users and groups added to a specific project, they can do so by enabling the **Limit user visibility for projects** preview feature for their organization. 
+
+When the **Limit user visibility for projects** preview feature is enabled for an organization, the list of identities you can select from a people picker is limited in one of the following ways: 
+
+- Users added to the **Project-Scoped Users** group are only able to select from an identity list that contains users and groups added explicitly to the project they're connected to. 
+- If all project members are added to the **Project-Scoped Users** group, then people pickers are limited to only those users and groups added to the project. All project members are only able to select identities that match users and groups added explicitly to the project they're connected to. 
+  
+To learn how, see [Manage your project, Limit identity search and selection](../user-guide/project-admin-tutorial.md#limit-identity-selection). 
+
+::: moniker-end
+
 
 ## Related articles
 

docs/notifications/media/at-mention/at-mention-discussion.png

@@ -8,8 +8,8 @@ ms.technology: devops-accounts
 ms.assetid: 19ac647f-04c1-4ddd-9953-b3ecfa0f1457
 ms.author: chcomley
 author: chcomley
-ms.date: 01/21/2021
 monikerRange: '>= azure-devops-2019'
+ms.date: 02/17/2021
 ---
 
 # Add users and manage access in Azure DevOps
@@ -368,21 +368,30 @@ ID                                    Display Name         Email
 
 ## Restrict users' view to organization projects
 
-If the **Project-Scoped Users well-known group to hide settings** preview feature is enabled for the organization, users added to the **Project-scoped Users** group won't be able to access projects that they haven't been added to. To learn more, see [About projects and scaling your organization, Project-scoped User group](../../organizations/projects/about-projects.md#project-scoped-user-group). 
+To limit select users access to organizational information, enable the **Limit user visibility for projects** preview feature and add the users to the **Project-Scoped Users** group. Once added, users in that group won't be able to access projects that they haven't been added to. 
 
-Complete the following steps to add users to the new Project-scoped user group:
+> [!NOTE]   
+> Users and groups added to the **Project-Scoped Users** group have limited access to project and organization information as well as limited access to select identities through the people picker. To learn more, see [About projects and scaling your organization, Limit user visibility for projects using the Project-Scoped Users group](../../organizations/projects/about-projects.md#project-scoped-user-group). 
+
+Complete the following steps to add users to the new **Project-Scoped Users** group:
 
 1. Sign in to your organization (```https://dev.azure.com/{yourorganization}```).
 
-2. Select ![gear icon](../../media/icons/gear-icon.png) **Organization settings**.
+1. Enable the **Limit user visibility for projects** preview feature for the organization. To learn how, see [Manage or enable features](../../project/navigation/preview-features.md#account-level). 
+
+	> [!TIP]  
+	> The **Project-Scoped Users** group only appears under the **Permissions>Groups** once **Limit user visibility for projects** preview feature is enabled. 
+
+2. Add users or groups to your project(s) as described in [Add users to a project or team](../security/add-users-team-project.md). Users added to a team are automatically added to the project and team group. 
+
+2. Open **Organizations Settings**, choose ![gear icon](../../media/icons/gear-icon.png) **Organization settings**.
 
    ![Open Organization settings](../../media/settings/open-admin-settings-vert.png)
 
-3. Select **Permissions** > **Users**.
-4. Select the user name for restricting views into projects.
-5. See the **Project-Scoped Users well-known group to hide settings** dropdown menu, and then set to **Allow**.
+3. Open **Security>Permissions** and choose **Project-Scoped Users**. Choose the **Members** tab. Add all users and groups that you want to scope to the project(s) you've added them to. 
+
+	To learn more, see [Set permissions at the project- or collection-level](../security/set-project-collection-level-permissions.md). 
 
-6. **Save** your changes.
 
 ::: moniker-end  
 

docs/notifications/media/at-mention/at-mention-work-item.png

@@ -18,6 +18,8 @@
     href: change-organization-ownership.md
 - name: Manage your organization 
   items:
+  - name:  Manage preview features
+    href: ../../project/navigation/preview-features.md?toc=/azure/devops/organizations/toc.json&bc=/azure/devops/organizations/breadcrumb/toc.json
   - name: Rename organization
     href: rename-organization.md 
   - name: Delete organization

docs/notifications/media/at-mention/identity-selector.png

@@ -37,16 +37,11 @@ By default, Project Collection Administrators are the only group that have full
 
 ### Audit permissions
 
-**Project Collection Administrators group**
-
-Members of the Project Collection Administrators group have full access to all auditing features.
-
-**Project Collection Valid Users group**
-
-Members of the Project Collection Valid Users group can view the Auditing page and export audit logs.
+- Members of the **Project Collection Administrators** group have full access to all auditing features.
+- Members of the **Project Collection Valid Users** group can view the Auditing page and export audit logs.
 
 > [!NOTE]  
-> If the **Project-Scoped Users well known group to hide settings** preview feature is enabled for the organization, users added to the **Project-scoped Users** group won't be able to access projects that they haven't been added to. To learn more, see [About projects and scaling your organization, Project-scoped User group](../../organizations/projects/about-projects.md#project-scoped-user-group). 
+> If the **Limit user visibility for projects** preview feature is enabled for the organization, users added to the **Project-Scoped Users** group can't view **Auditing** and have limited visibility to **Organization Setting** pages.  To learn more, see [About projects and scaling your organization, Project-scoped Users group](../../organizations/projects/about-projects.md#project-scoped-user-group). 
 
 ## Access auditing