Merge pull request #2 from MicrosoftDocs/release-2019-cu17

Release 2019 cu17

Author: MikeRayMSFT

.openpublishing.redirection.json

@@ -59444,6 +59444,11 @@
       "source_path": "docs/ssms/scripting/transact-sql-debugger-quickwatch-dialog-box.md",
       "redirect_url": "/sql/ssms/scripting/transact-sql-debugger-information",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "docs/tools/sqlpackage/troubleshooting-import-export-sqlpackage.md",
+      "redirect_url": "/sql/tools/sqlpackage/troubleshooting-issues-and-performance-with-sqlpackage",
+      "redirect_document_id": false
     }
   ]
 }

ReadMe.md

@@ -13,14 +13,14 @@ For more information, see the [Code of Conduct FAQ](https://opensource.microsoft
 
 # Microsoft SQL Server Technical Documentation
 
-You've found the GitHub repository that houses the source for the SQL Server technical documentation published on [https://docs.microsoft.com](https://docs.microsoft.com).
+You've found the GitHub repository that houses the source for [SQL Server technical documentation](https://docs.microsoft.com/sql).
 
 ## Contribute to documentation
 
 Anyone can submit changes to the SQL Server documentation. For more information, see [How to contribute to SQL Server Documentation](https://aka.ms/editsqldocs).
 
 ### Minor corrections
-Minor corrections or clarifications that you submit for documentation and code examples in this repo are covered by the [docs.microsoft.com - Terms of Use](https://docs.microsoft.com/legal/termsofuse).
+Minor corrections or clarifications that you submit for documentation and code examples in this repo are covered by the [Terms of Use](https://docs.microsoft.com/legal/termsofuse).
 
 ### Larger submissions
 If you submit a pull request with new content or significant changes to documentation or code examples and you are not an employee of Microsoft, we'll send a comment in GitHub asking you to submit an online Contribution License Agreement (CLA). We will need you to complete the online form before we can accept your pull request.

azure-sql/database/advance-notifications.md

@@ -25,7 +25,7 @@ Notifications can be configured so you can get texts, emails, Azure push notific
 > [!NOTE]
 > While [maintenance windows](maintenance-window.md) are generally available, advance notifications for maintenance windows are in public preview for Azure SQL Database and Azure SQL Managed Instance.
 
-## Create an advance notification
+## Configure an advance notification
 
 Advance notifications are available for Azure SQL databases that have their maintenance window configured. 
 
@@ -66,18 +66,18 @@ The following table shows the general-information notifications you may receive:
 
 |Status|Description|
 |:---|:---|
-|**Planned Deployment**| Received 24 hours prior to the maintenance event. Maintenance is planned on DATE between 5pm - 8am (local time) for DB xyz.|
-|**In-Progress** | Maintenance for database *xyz* is starting.| 
-|**Complete** | Maintenance of database *xyz* is complete. |
+|**Planned**| Received 24 hours prior to the maintenance event. Maintenance is planned on DATE between 5pm - 8am<sup>1</sup> (local time) in region *xyz*. |
+|**InProgress** | Maintenance for database(s) in region *xyz* is starting. | 
+|**Complete** | Maintenance of database(s) in region *xyz* is complete. |
+
+<sup>1</sup> Start and end time depend on the selected [maintenance window](maintenance-window.md). 
 
 The following table shows additional notifications that may be sent while maintenance is ongoing: 
 
 |Status|Description|
 |:---|:---|
-|**Extended** | Maintenance is in progress but didn't complete for database *xyz*. Maintenance will continue at the next maintenance window.| 
-|**Canceled**| Maintenance for database *xyz* is canceled and will be rescheduled later. |
-|**Blocked**|There was a problem during maintenance for database *xyz*. We'll notify you when we resume.| 
-|**Resumed**|The problem has been resolved and maintenance will continue at the next maintenance window.|
+|**Rescheduled** | 1) Maintenance is in progress but didn't complete inside maintenance window. 2) there was a problem during maintenance and it could not start. 3)  Planned maintenance has started but couldn't progress to the end and will continue in next maintenance window. | 
+|**Canceled**| Maintenance for database(s) in region *xyz* is canceled and will be rescheduled for later. |
 
 ## Permissions
 
@@ -105,6 +105,16 @@ resources
 | project resource, status, resourceGroup, location, startTimeUtc, endTimeUtc, impactType
 ```
 
+In Azure Resource Graph (ARG) explorer you might find values for the status of deployment that are bit different than the ones displayed in the notification content.
+
+|Status|Description|
+|:---|:---|
+|**Pending**| 1) Maintenance is planned on upcoming date. 2) Previously planned maintenance was rescheduled and is waiting to start in the next window. 3) Maintenance started but didn't complete in previous window and will continue in the next one. |
+|**InProgress** | Maintenance for resource *xyz* is starting or is in progress. | 
+|**Completed** | Maintenance for resource *xyz* is complete. |
+|**NoUpdatesPending** | Previously planned maintenance for resource *xyz* is canceled and will be rescheduled for later. |
+|**RetryLater** | Planned maintenance for resource *xyz* has started but couldn't progress to the end and will continue in next maintenance window. |
+
 For the full reference of the sample queries and how to use them across tools like PowerShell or Azure CLI, visit [Azure Resource Graph sample queries for Azure Service Health](/azure/service-health/resource-graph-samples).
 
 

azure-sql/database/audit-write-storage-account-behind-vnet-firewall.md

@@ -37,10 +37,16 @@ For audit to write to a storage account behind a VNet or firewall, the following
 > [!div class="checklist"]
 >
 > * A general-purpose v2 storage account. If you have a general-purpose v1 or blob storage account, [upgrade to a general-purpose v2 storage account](/azure/storage/common/storage-account-upgrade). For more information, see [Types of storage accounts](/azure/storage/common/storage-account-overview#types-of-storage-accounts).
+> * The premium storage with BlockBlobStorage is supported
 > * The storage account must be on the same tenant and at the same location as the [logical SQL server](logical-servers.md) (it's OK to be on different subscriptions).
 > * The Azure Storage account requires `Allow trusted Microsoft services to access this storage account`. Set this on the Storage Account **Firewalls and Virtual networks**.
 > * You must have `Microsoft.Authorization/roleAssignments/write` permission on the selected storage account. For more information, see [Azure built-in roles](/azure/role-based-access-control/built-in-roles).
 
+> [!NOTE]
+> When Auditing to stoarge account is already enabled on a server / db, and if the target storage account is moved behind a firewall, we lose write access to 
+the storage account and audit logs stop getting written to it.To make auditing work we have to resave the audit settings from portal. 
+   
+
 ## Configure in Azure portal
 
 Connect to [Azure portal](https://portal.azure.com) with your subscription. Navigate to the resource group and server.

azure-sql/database/auditing-overview.md

@@ -42,6 +42,7 @@ You can use SQL Database auditing to:
 ### Auditing limitations
 
 - **Premium storage** with **BlockBlobStorage** is supported.
+- **User managed identity** authentication type for enabling auditing to **storage** is not yet supported.
 - **Hierarchical namespace** for all types of **standard storage account** and **premium storage account with BlockBlobStorage** is supported.
 - Enabling auditing on a paused **Azure Synapse** is not supported. To enable auditing, resume Azure Synapse.
 - Auditing for **Azure Synapse SQL pools** supports default audit action groups **only**.
@@ -201,7 +202,7 @@ If you chose to write audit logs to an Azure storage account, there are several
   - You can view specific dates by clicking **Filter** at the top of the **Audit records** page.
   - You can switch between audit records that were created by the *server audit policy* and the *database audit policy* by toggling **Audit Source**.
 
-       ![Screenshot that shows the options for viewing the audit records.]( ./media/auditing-overview/8_auditing_get_started_blob_audit_records.png)
+       ![Screenshot that shows the options for viewing the audit records.](./media/auditing-overview/8_auditing_get_started_blob_audit_records.png)
 
 - Use the system function **sys.fn_get_audit_file** (T-SQL) to return the audit log data in tabular format. For more information on using this function, see [sys.fn_get_audit_file](/sql/relational-databases/system-functions/sys-fn-get-audit-file-transact-sql).
 

azure-sql/database/authentication-aad-configure.md

@@ -79,7 +79,7 @@ When using Azure Active Directory with geo-replication, the Azure Active Directo
 > [!IMPORTANT]
 > Only follow these steps if you are provisioning an Azure SQL Managed Instance. This operation can only be executed by Global Administrator or a Privileged Role Administrator in Azure AD.
 >
-> In **public preview**, you can assign the **Directory Readers** role to a group in Azure AD. The group owners can then add the managed instance identity as a member of this group, which would allow you to provision an Azure AD admin for the SQL Managed Instance. For more information on this feature, see [Directory Readers role in Azure Active Directory for Azure SQL](authentication-aad-directory-readers-role.md).
+> You can assign the **Directory Readers** role to a group in Azure AD. The group owners can then add the managed instance identity as a member of this group, which would allow you to provision an Azure AD admin for the SQL Managed Instance. For more information on this feature, see [Directory Readers role in Azure Active Directory for Azure SQL](authentication-aad-directory-readers-role.md).
 
 Your SQL Managed Instance needs permissions to read Azure AD to successfully accomplish tasks such as authentication of users through security group membership or creation of new users. For this to work, you need to grant the SQL Managed Instance permission to read Azure AD. You can do this using the Azure portal or PowerShell.