initial add of 7 new security refresh topics (#4313)

* initial add of 7 new security refresh topics

* adding one new file and renaming another, address build warnings

* updates to cross-links, 1

* commit updates to best practices

* first draft of Request changes to permission levels

* Correcting some broken links.

* replacing links to set-project-collection-level-permissions.md.

* resolve merge conflicts, add-org-users

* commit updates to replacement links of article to be deleted

* more cross-link replacements

* First draft of look up articles

* fix build errors and warnings

* additional fixes, added one redirect.

* first draft of Add or remove users or groups, manage security groups

AB#1914342: Add a user or group to a security group (quickstart)

* second draft of Add or remove users or groups, manage security groups

* minor updates

* sync latest

* fix build warnings

* updates to project and collection level changes

* additional updates

* finishing up

* removing change-individual-permissions.md

* Address blocking and non-blocking issues.

* syntax fix

Author: KathrynEE

.openpublishing.redirection.json

@@ -19,6 +19,21 @@
       "source_path": "docs/marketplace/how-to/uninstall-disable-extensions-tfs.md",
       "redirect_url": "/azure/devops/marketplace/uninstall-disable-extensions",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "docs/organizations/security/set-project-collection-level-permissions.md",
+      "redirect_url": "/azure/devops/organizations/security/change-project-level-permissions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "docs/organizations/security/lookup-organization-owner-admin.md",
+      "redirect_url": "/azure/devopsorganizations/security/request-changes-permissions",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "docs/organizations/security/change-individual-permissions.md",
+      "redirect_url": "/azure/devopsorganizations/security/request-changes-permissions",
+      "redirect_document_id": false
     }
   ]
 }

docs/artifacts/get-started-nuget.md

@@ -18,7 +18,7 @@ Developers can use Azure Artifacts to publish and consume NuGet packages both to
 ## Prerequisites
 
 - [Install NuGet client tools](/nuget/install-nuget-client-tools)
-- [Project and org permissions](../organizations/security/lookup-organization-owner-admin.md) to use Azure Artifacts.
+- [Feed permissions](feeds/feed-permissions.md).
 
 ::: moniker range=">=tfs-2017 <= tfs-2018"
 

docs/boards/backlogs/delete-test-artifacts.md

@@ -35,15 +35,15 @@ When you delete test artifacts, the following actions occur:
 
 ::: moniker range=">= azure-devops-2019"
 
-- To delete test runs, you must be a member of the Project Administrators group or have the project-level [**Delete test runs**](../../organizations/security/set-project-collection-level-permissions.md#project-level) permission set to **Allow**. 
+- To delete test runs, you must be a member of the Project Administrators group or have the project-level [**Delete test runs**](../../organizations/security/change-project-level-permissions.md) permission set to **Allow**. 
 - To delete test plans and test suites, you must be a member of the Project Administrators group or have the Area Path node-level [**Manage test plans** or **Manage test suites**](../../organizations/security/set-permissions-access-work-tracking.md#manage-test-artifacts) permission set to **Allow**. 
 - To manage or delete test artifacts, you must also have your [access level](../../organizations/security/access-levels.md) set to **Basic + Test Plans** or **Visual Studio Enterprise**. This level provides access to the full Test Plans feature set. Users with Basic access and with permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases. That is, they can delete test cases created from **Work** that aren't linked to any test plans or test suites. 
 
 ::: moniker-end
 
 ::: moniker range="< azure-devops-2019"
 
-- To delete test runs, you must be a member of the Project Administrators group or have the project-level [**Delete test runs**](../../organizations/security/set-project-collection-level-permissions.md#project-level) permission set to **Allow**. 
+- To delete test runs, you must be a member of the Project Administrators group or have the project-level [**Delete test runs**](../../organizations/security/change-project-level-permissions.md) permission set to **Allow**. 
 - To delete test plans and test suites, you must be a member of the Project Administrators group or have the Area Path node-level [**Manage test plans** or **Manage test suites**](../../organizations/security/set-permissions-access-work-tracking.md#manage-test-artifacts) permission set to **Allow**. 
 - You must also have your [access level set to Basic+Test Plans or Advanced](../../organizations/security/change-access-levels.md), which provides access to the full Test feature set. Users with Basic access and with permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases. That is, they can delete test cases created from **Work** that aren't linked to any test plans or test suites. 
 

docs/boards/backlogs/move-change-type.md

@@ -60,7 +60,7 @@ In this article you'll learn:
 
 ::: moniker-end 
 
-To learn more, see [Set permissions and access for work tracking](../../organizations/security/set-permissions-access-work-tracking.md) or [Set permissions at the project-level or project collection-level](../../organizations/security/set-project-collection-level-permissions.md). 
+To learn more, see [Set permissions and access for work tracking](../../organizations/security/set-permissions-access-work-tracking.md) or [Change project-level permissions](../../organizations/security/change-project-level-permissions.md). 
 
 ::: moniker range="azure-devops"
 

docs/boards/backlogs/office/resolve-excel-data-conflicts-publish-refresh.md

@@ -51,4 +51,4 @@ A data conflict occurs when you try to publish a work item from [Excel](bulk-add
 
 ### Required permissions  
 
-To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Add administrators, set permissions at the project-level or project collection-level](../../../organizations/security/set-project-collection-level-permissions.md). 
+To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Change project-level permissions](../../../organizations/security/change-project-level-permissions.md). 

docs/boards/backlogs/office/resolve-excel-data-validation-errors.md

@@ -25,7 +25,7 @@ A data validation error occurs when a change in the work item list or project pl
 
 ## Prerequisites  
 
-To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Add administrators, set permissions at the project-level or project collection-level](../../../organizations/security/set-project-collection-level-permissions.md). 
+To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Change project-level permissions](../../../organizations/security/change-project-level-permissions.md). 
 
 
 <a name="ResolveDataValidationError"></a> 

docs/boards/backlogs/office/resolve-excel-invalid-links-tree-list.md

@@ -20,7 +20,7 @@ You can resolve most errors using the procedures provided in this article.
 
 ## Prerequisites  
 
-To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Add administrators, set permissions at the project-level or project collection-level](../../../organizations/security/set-project-collection-level-permissions.md).
+To update work items, you must be a member of the **Contributors** group or have your **View work items in this node** and your **Edit work items in this node** permissions set to **Allow**. For more information, see [Change project-level permissions](../../../organizations/security/change-project-level-permissions.md).
 
 <a name="tf208000"></a>
 

docs/boards/backlogs/remove-delete-work-items.md

@@ -408,7 +408,7 @@ To programmatically delete, restore, and destroy work items, see one of the foll
 - [View and add work items using the Work Items page](../work-items/view-add-work-items.md)  
 - [Delete test artifacts](delete-test-artifacts.md) 
 - [Set permissions and access for work tracking](../../organizations/security/set-permissions-access-work-tracking.md)  
-- [Set permissions at the project-level or project collection-level](../../organizations/security/set-project-collection-level-permissions.md)  
+- [Change project-level permissions](../../organizations/security/change-project-level-permissions.md)  
 - [Stakeholder access quick reference](../../organizations/security/stakeholder-access.md) 
 ::: moniker-end
 
@@ -419,7 +419,7 @@ To programmatically delete, restore, and destroy work items, see one of the foll
 - [Remove work items permanently (witadmin destroywi)](../../reference/witadmin/remove-work-items-permanently.md)
 - [Delete test artifacts](delete-test-artifacts.md) 
 - [Set permissions and access for work tracking](../../organizations/security/set-permissions-access-work-tracking.md)  
-- [Set permissions at the project-level or project collection-level](../../organizations/security/set-project-collection-level-permissions.md)  
+- [Change project-level permissions](../../organizations/security/change-project-level-permissions.md)  
 - [Stakeholder access quick reference](../../organizations/security/stakeholder-access.md) 
 
 ::: moniker-end

docs/boards/configure-customize.md

@@ -523,7 +523,7 @@ Because process-level, project-level and team-level settings can have a wide imp
 
 ### Process-level changes 
 
-To create, edit, or manage Inherited processes and apply them to projects, you must be a member of the [Project Collection Administrators group](../organizations/security/set-project-collection-level-permissions.md). Or, you must have  the corresponding permissions **Create process**, **Delete process**, **Edit process**, or **Delete a field from organization** set to **Allow**. See [Set permissions and access for work tracking, Customize an inherited process](../organizations/security/set-permissions-access-work-tracking.md#customize-an-inherited-process).
+To create, edit, or manage Inherited processes and apply them to projects, you must be a member of the [**Project Collection Administrators** group](../organizations/security/change-organization-collection-level-permissions.md). Or, you must have  the corresponding permissions **Create process**, **Delete process**, **Edit process**, or **Delete a field from organization** set to **Allow**. See [Set permissions and access for work tracking, Customize an inherited process](../organizations/security/set-permissions-access-work-tracking.md#customize-an-inherited-process).
 
 For additional information, see the following articles:  
 
@@ -533,7 +533,7 @@ For additional information, see the following articles:
 
 ### Project-level changes 
 
-To add Area Paths or Iteration Paths, you must be a member of the [Project Administrators or Project Collection Administrators groups](../organizations/security/set-project-collection-level-permissions.md). 
+To add Area Paths or Iteration Paths, you must be a member of the [**Project Administrators** group](../organizations/security/change-project-level-permissions.md). 
 
 Or, to add, edit, and manage Area Paths or Iteration Paths under a specific node, you must have been granted one or more of the following permissions set to **Allow**:
 
@@ -548,7 +548,7 @@ For additional information, see the following articles:
 
 ### Team-level changes
 
-All team tools can be configured by a [team administrator](../organizations/settings/add-team-administrator.md) or a member of the [Project Administrators or Project Collection Administrators groups](../organizations/security/set-project-collection-level-permissions.md).  
+All team tools can be configured by a [team administrator](../organizations/settings/add-team-administrator.md) or a member of the [**Project Administrators** group](../organizations/security/change-project-level-permissions.md). 
 
 Team administrators are tasked with performing the following operations:  
 - Add team members 

docs/boards/get-started/permissions-access-boards.md

@@ -23,7 +23,7 @@ In the tables provided in this article, a ✔️ indicates that the correspondin
 > [!NOTE]   
 > Team administrators can configure settings for their team's tools. Organization owners and members of the Project Administrators group can configure settings for all teams. 
 
-For a comparison chart of Stakeholder versus Basic access, see the [Feature matrix](https://azure.microsoft.com/services/devops/compare-features/). To assign or change an access level, see [Add users and assign licenses](../../organizations/accounts/add-organization-users.md). If you need to [grant specific users select permissions](../../organizations/security/change-individual-permissions.md), you can do so.
+For a comparison chart of Stakeholder versus Basic access, see the [Feature matrix](https://azure.microsoft.com/services/devops/compare-features/). To assign or change an access level, see [Add users and assign licenses](../../organizations/accounts/add-organization-users.md). If you need to [grant specific users select permissions](../../organizations/security/request-changes-permissions.md), you can do so.
 
 ## Work item feature access
 

docs/boards/github/add-remove-repositories.md

@@ -25,7 +25,7 @@ You can manage which GitHub repositories can participate in Azure Boards integra
 ## Prerequisites 
 
 * To add repositories to a connection, you must be the person who created the connection.  
-* To remove repositories or remove a connection, you must be the person who created the connection or belong to the [Project Administrators group](../../organizations/security/set-project-collection-level-permissions.md).  
+* To remove repositories or remove a connection, you must be the person who created the connection or belong to the [**Project Collection Administrators** group](../../organizations/security/change-organization-collection-level-permissions.md).  
 * To add repositories, you must be an administrator or owner of the GitHub repository you'll connect to. You can connect to multiple GitHub repositories so long as you're an administrator for those repositories.  
 
 ## Open Project Settings>GitHub Connections

docs/boards/github/configure-status-badges.md

@@ -27,7 +27,7 @@ The syntax shown works whether you've [connected your project to a GitHub.com or
 
 * Your Azure Boards project must be connected to the GitHub repository where the commits and pull requests you want to link to/from exist. For details, see [Azure Boards-GitHub integration](index.md).  
 * You must have a Kanban board you want to configure. When you add a team, you add a Kanban board for that team. To learn more, see [About teams and Agile tools](../../organizations/settings/about-teams-and-settings.md).
-* You must be added to the team administrator role for the team's settings you want to modify, or be a member of the **Project Administrators** security group. To get added, see [Add a team administrator](../../organizations/settings/add-team-administrator.md) or [Set permissions at the project- or collection-level](../../organizations/security/set-project-collection-level-permissions.md).
+* You must be added to the team administrator role for the team's settings you want to modify, or be a member of the **Project Administrators** security group. To get added, see [Add a team administrator](../../organizations/settings/add-team-administrator.md) or [Change project-level permissions](../../organizations/security/change-project-level-permissions.md).
 * To add the status badge to the GitHub.com repository, you must be a contributor of the repository.  
 
 

docs/boards/github/connect-on-premises-to-github.md

@@ -41,7 +41,7 @@ By connecting your Azure DevOps Server project with your GitHub Enterprise Serve
 
 * [Install the Azure Boards app for GitHub](install-github-app.md) on the GitHub organizations or account. 
 * Connect to an Azure Boards or Azure DevOps project. If you don't have a project yet, [create one](../../organizations/projects/create-project.md). 
-* You must be a member of the [Project Administrators group](../../organizations/security/set-project-collection-level-permissions.md) and the project's [Contributors group](../../organizations/security/add-users-team-project.md). If you created the project, then you have permissions. 
+* You must be a member of the [**Project Collection Administrators** group](../../organizations/security/change-organization-collection-level-permissions.md) and the project's [Contributors group](../../organizations/security/add-users-team-project.md). If you created the project, then you have permissions. 
 * You must be an administrator of the GitHub Enterprise Server you'll connect to. 
 
 

docs/boards/github/connect-to-github.md

@@ -25,7 +25,7 @@ When you make the connection from Azure Boards, the list of GitHub repositories
 ## Prerequisites 
 
 * Connect to an Azure Boards or Azure DevOps project. If you don't have a project yet, [create one](../get-started/sign-up-invite-teammates.md). 
-* You must be a member of the [Project Administrators group](../../organizations/security/set-project-collection-level-permissions.md) and the project's [Contributors group](../../organizations/security/add-users-team-project.md). If you created the project, you have permissions. 
+* You must be a member of the [**Project Collection Administrators** group](../../organizations/security/change-organization-collection-level-permissions.md) and the project's [Contributors group](../../organizations/security/add-users-team-project.md). If you created the project, you have permissions. 
 * You must be an administrator or owner of the GitHub repository you'll connect to. You can connect to multiple GitHub repositories so long as you're an administrator for those repositories. 
 
 

docs/boards/github/install-github-app.md

@@ -22,7 +22,7 @@ For an overview of the integration that the Azure Boards app for GitHub supports
 ## Prerequisites 
 
 * To install the Azure Boards app, you must be an administrator or owner of the GitHub organization.
-* To connect to the Azure Boards project, you must have read permission to the GitHub repository. Also, you must be a member of the [Project Administrators group](../../organizations/security/set-project-collection-level-permissions.md). If you created the project, then you have permissions. 
+* To connect to the Azure Boards project, you must have read permission to the GitHub repository. Also, you must be a member of the [**Project Collection Administrators** group](../../organizations/security/change-organization-collection-level-permissions.md). If you created the project, then you have permissions. 
 
 > [!IMPORTANT]  
 > If your repository is already connected via another authentication type such as OAuth, you'll need to remove that repository from your existing connection before re-connecting it via the GitHub App. Follow the steps provided in [Add or remove GitHub repositories](add-remove-repositories.md) before starting the GitHub App configuration.