On Windows, SQL Server 2019 Setup changes the isolation mechanism, substituting AppContainers for local worker accounts, for external processes running Java, R, or Python tasks. If you are adding programming extensions or machine learning to a database engine instance, this article explains how Setup provisions the server to contain those processes.
15
+
On Windows, SQL Server 2019 Setup changes the isolation mechanismfor external processes running Java, R, or Python tasks by replacing local worker accounts with [AppContainers](https://docs.microsoft.com/windows/desktop/secauthz/appcontainer-for-legacy-applications-). AppContainers are a containment feature for client apps running on Windows. If you are adding programming extensions or machine learning to a database engine instance, this article explains how Setup provisions the server to contain those processes.
16
16
17
17
Although process isolation has changed, the mechanics of installation remain the same. If you installed the previous version, you'll notice that the Installation wizard and command-line parameters are unchanged in SQL Server 2019. For help with installation, see [Install SQL Server Machine Learning Services](sql-machine-learning-services-windows-install.md).
18
18
19
+
There are no specific action items for the administrator as a result of this change.
20
+
21
+
+ On a new or upgraded server, extensions for R, Python, and Java use the new isolation model automatically.
22
+
+**SQLRUserGroup** continues to be used in Access Control Lists (ACLs).
23
+
+**SQL Server Launchpad service** continues in its role of starting up external processes, but is now also running those processes in individual AppContainers, one per process.
24
+
19
25
## About AppContainer isolation
20
26
21
27
In previous releases, **SQLRUserGroup** contained a pool of local Windows user accounts (MSSQLSERVER00-MSSQLSERVER20) for isolating and running external processes. When an external process was needed, SQL Server Launchpad service would take an available account and use it to run a process.
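Review bot: the added bullet "**SQLRUserGroup** continues to be used in Access Control Lists (ACLs)" leaves out what changed about the group, which the later summary in this article does state: membership now consists of just the SQL Server Launchpad service. An administrator who audits local group membership after upgrade will want that in the intro bullet too, so consider appending it there. In the rewritten first paragraph, "isolation mechanismfor external processes" is missing a space as shown here. The line "There are no specific action items for the administrator" would also read more safely with a pointer to the implied authentication paragraph, which still requires creating a database login for **SQLRUserGroup**.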
@@ -33,7 +39,7 @@ Summarized, the main differences with AppContainer isolation are:
33
39
34
40
+ Physical accounts worker accounts under **SQLRUserGroup** are no longer created. This is beneficial for machines with policies that disable local users from logging on, and with passwords that expire.
35
41
+**SQLRUserGroup** continues to be granted 'read and execute' permissions to the SQL Server **Binn**, **R_SERVICES**, and **PYTHON_SERVICES** directories, but membership now consists of just the SQL Server Launchpad service.
36
-
+ All external scripts and code executed from [sp_execute_external_script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md)follow the new security model. This applies to R, Python, and the new Java language extension introduced in SQL Server 2019.
42
+
+ All external scripts and code executed from [sp_execute_external_script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md)follow the new security model. This applies to R, Python, and the new Java language extension introduced in SQL Server 2019.
37
43
38
44
As before, additional configuration is still required for *implied authentication*, where script or code has to connect back to SQL Server to retrieve data or resources. The additional configuration is creating a database login for **SQLRUserGroup**. For more information, see [Add SQLRUserGroup as a database user](../r/add-sqlrusergroup-to-database.md)
39
45
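Review bot: the removed and added `sp_execute_external_script` bullets read identically as shown, and both run the link straight into the next word (")follow the new security model"). If this is a whitespace-only edit, add the missing space after the link in the same change. The first context bullet, "Physical accounts worker accounts under **SQLRUserGroup**", also repeats "accounts" and could be cleaned up while this list is being touched.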
@@ -55,4 +61,4 @@ A symbolic link is created to the current default **R_SERVICES location** as par
55
61
56
62
+[Install SQL Server Machine Learning Services on Windows](sql-machine-learning-services-windows-install.md)
57
63
58
-
+[Install SQL Server 2019 Machine Learning Services on Linux](../../linux/sql-server-linux-setup-machine-learning.md)
64
+
+[Install SQL Server 2019 Machine Learning Services on Linux](../../linux/sql-server-linux-setup-machine-learning.md)
docs/advanced-analytics/r/upgrade-and-installation-faq-sql-server-r-services.md
Lines changed: 1 addition & 1 deletion
@@ -26,7 +26,7 @@ Depending on the build of SQL Server that you are installing, some of the follow
26
26
27
27
- In early versions of SQL Server 2016 R Services, 8dot3 notation was required on the drive that contains the working directory. If you installed a pre-release version, upgrading to SQL Server 2016 Service Pack 1 should fix this issue. This requirement does not apply to releases after SP1.
28
28
29
-
- Currently, you cannot install [!INCLUDE[rsql_productname](../../includes/rsql-productname-md.md)] on a failover cluster. However, SQL Server vNext does provide failover support if you would like to evaluate this capablity in a test environment. For more information, see [What's New](../what-s-new-in-sql-server-machine-learning-services.md).
29
+
- Currently, you cannot install [!INCLUDE[rsql_productname](../../includes/rsql-productname-md.md)] on a failover cluster. However, SQL Server 2019 preview does provide failover support if you would like to evaluate this capablity in a test environment. For more information, see [What's New](../what-s-new-in-sql-server-machine-learning-services.md).
30
30
31
31
- On an Azure VM, some additional configuration might be necessary. For example, you might need to create a firewall exception to support remote access.
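Review bot: the replacement line for the failover cluster bullet still carries the typo "capablity" from the line it replaces; correct it to "capability" since the line is being rewritten anyway. The product name is also "SQL Server 2019 preview" here but "SQL Server 2019" or "SQL Server 2019 CTP 2.0" in the other files of this commit, so pick one form for the pre-release references.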
docs/advanced-analytics/tutorials/r-tutorial-create-models-per-partition.md
Lines changed: 2 additions & 2 deletions
@@ -141,7 +141,7 @@ go
141
141
142
142
### Parallel execution
143
143
144
-
Notice that the `sp_execute_external_script` inputs include `@parallel=1`, used to enable parallel processing. In contrast with previous releases, in SQL Server vNext, setting `@parallel=1` delivers a stronger hint to the query optimizer, making parallel execution a much more likely outcome.
144
+
Notice that the `sp_execute_external_script` inputs include `@parallel=1`, used to enable parallel processing. In contrast with previous releases, in SQL Server 2019, setting `@parallel=1` delivers a stronger hint to the query optimizer, making parallel execution a much more likely outcome.
145
145
146
146
By default, the query optimizer tends to operate under `@parallel=1` on tables having more than 256 rows, but if you can handle this explicitly by setting `@parallel=1` as shown in this script.
147
147
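Review bot: the context sentence right after the changed paragraph is broken: "By default, the query optimizer tends to operate under `@parallel=1` on tables having more than 256 rows, but if you can handle this explicitly by setting `@parallel=1` as shown in this script." The "but if you can" clause never resolves. Since the paragraph above it now describes `@parallel=1` as a stronger hint in SQL Server 2019, fix this sentence in the same change so the two statements about default and explicit behavior read consistently.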
@@ -301,7 +301,7 @@ In this tutorial, you used [sp_execute_external_script](https://docs.microsoft.c
301
301
302
302
**(Not for production workloads)**
303
303
304
-
One of the more common approaches for executing R or Python code on SQL data is providing script as an input parameter to the [sp_execute_external_script](https://docs.microsoft.com/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql) stored procedure. In this CTP release, SQL Server vNext adds new parameters to `sp_execute_external_script` to process partitions with the external script executing once for every partition:
304
+
One of the more common approaches for executing R or Python code on SQL data is providing script as an input parameter to the [sp_execute_external_script](https://docs.microsoft.com/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql) stored procedure. In this CTP release, SQL Server 2019 adds new parameters to `sp_execute_external_script` to process partitions with the external script executing once for every partition:
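Review bot: "In this CTP release, SQL Server 2019 adds new parameters" does not say which CTP, while the other files in this commit name it as CTP 2.0. With the product name now fixed to SQL Server 2019, "this CTP release" will go stale on the next preview; suggest naming the release explicitly. The hunk also ends on a colon that introduces the new parameters, so confirm the list that follows still matches the renamed release.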
Machine learning capabilities are added to SQL Server in each release as we continue to expand, extend, and deepen the integration between the data platform and the data science, analytics, and supervised learning you want to implement over your data.
This release adds the top-requested features for R and Python machine learning operations in SQL Server. For more information about other features in this release, see [What's New in SQL Server 2019](../sql-server/what-s-new-in-sql-server-ver15.md) and [Release Notes for SQL Server 2019](../sql-server/sql-server-ver15-release-notes.md).
23
23
24
24
| Release | Date | Feature update |
25
25
|---------|------|----------------|
26
-
| CTP 2.0 | September 2018 | Linux platform support for SQL Server vNext Machine Learning Services (In-Database). <br/><br/>For instructions on Linux installation, see [Install SQL Server Machine Learning Services on Linux](../linux/sql-server-linux-setup-machine-learning.md). |
26
+
| CTP 2.0 | September 2018 | Linux platform support for SQL Server 2019 Machine Learning Services (In-Database). <br/><br/>For instructions on Linux installation, see [Install SQL Server Machine Learning Services on Linux](../linux/sql-server-linux-setup-machine-learning.md). |
27
27
| CTP 2.0 | September 2018 | Partition-based modeling. By setting new parameters on the [sp_execute_external_script](https://docs.microsoft.com/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql) system stored procedure, you can specify a column in the data set that naturally segments data into partitions (some examples are geographic regions, dates, age or gender, categories). At execution time, individual models are generated for each partition, with external script executing once for every partition. <br/><br/>Learn more in this tutorial, [Create partition-based models in R](tutorials/r-tutorial-create-models-per-partition.md). |
28
-
| CTP 2.0 | September 2018 | Failover cluster support. You can install SQL Server vNext Machine Learning Services (In-Database) on a Windows failover cluster to meet your SLA requirements if your primary server fails over. Acceptance of the licensing agreements for R and Python distributions is a Setup requirement. <br/><br/> |
28
+
| CTP 2.0 | September 2018 | Failover cluster support. You can install SQL Server 2019 Machine Learning Services (In-Database) on a Windows failover cluster to meet your SLA requirements if your primary server fails over. Acceptance of the licensing agreements for R and Python distributions is a Setup requirement. <br/><br/> |
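Review bot: the Linux row now reads "Linux platform support for SQL Server 2019 Machine Learning Services (In-Database)" with no qualifier, but the Linux support roadmap section of this same file states that CTP 2.0 adds Linux support for **R only**. Add the R-only limitation to the table row so the two statements agree. The failover cluster row also ends in a dangling `<br/><br/>` with no link after it; either drop the breaks or add the intended link.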
@@ -92,7 +92,7 @@ For feature announcements all-up, see [What's New in SQL Server 2016](../sql-ser
92
92
93
93
## Linux support roadmap
94
94
95
-
SQL Server vNext CTP 2.0 adds Linux support for **R only** in-database analytics when you install the machine learning packages with a database engine instance. Python support is forthcoming but there is no projected date at this time. For more information, see [Install SQL Server Machine Learning Services on Linux](../linux/sql-server-linux-setup-machine-learning.md).
95
+
SQL Server 2019 CTP 2.0 adds Linux support for **R only** in-database analytics when you install the machine learning packages with a database engine instance. Python support is forthcoming but there is no projected date at this time. For more information, see [Install SQL Server Machine Learning Services on Linux](../linux/sql-server-linux-setup-machine-learning.md).
96
96
97
97
On SQL Server 2017, there is no R or Python in-database support in SQL Server 2017 on Linux, with the exception of [native scoring](sql-native-scoring.md) using the T-SQL PREDICT function. Native scoring lets you score from a pretrained model very fast, without calling or even requiring an R runtime. This means you can use SQL Server on Linux to generate predictions very fast, to serve client applications.
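Review bot: the context paragraph directly below the changed line opens with "On SQL Server 2017, there is no R or Python in-database support in SQL Server 2017 on Linux", naming the version twice. Since this section is being updated for the 2019 naming, tighten that sentence in the same pass so the 2017 and 2019 statements read as a clean contrast.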
docs/relational-databases/security/encryption/always-encrypted-enclaves.md
Lines changed: 3 additions & 3 deletions
@@ -22,7 +22,7 @@ Always Encrypted with secure enclaves provides additional functionality to the [
22
22
23
23
Introduced in SQL Server 2016, Always Encrypted protects the confidentiality of sensitive data from malware and high-privileged *unauthorized* users of SQL Server. High-privileged unauthorized users are DBAs, computer admins, cloud admins, or anyone else who has legitimate access to server instances, hardware, etc., but who should not have access to some or all of the actual data.
24
24
25
-
Until now, Always Encrypted protected the data by encrypting it on the client side and never allowing the data or the corresponding cryptographic keys to appear in plaintext inside the SQL Server Engine. As a result, the functionality on encrypted columns inside the database was severely restricted. The only operation SQL Server could perform on encrypted data was equality comparisons (and equality comparisons were only available with deterministic encryption). All other operations, including cryptographic operations (initial data encryption or key rotation), or rich computations (for example, pattern matching) were not supported inside the database. Users needed to move the data outside of the database to perform these operations on the client-side.
25
+
Until now, Always Encrypted protected the data by encrypting it on the client side and never allowing the data or the corresponding cryptographic keys to appear in plaintext inside the SQL Server Engine. As a result, the functionality on encrypted columns inside the database was severely restricted. The only operations SQL Server could perform on encrypted data were equality comparisons (and equality comparisons were only available with deterministic encryption). All other operations, including cryptographic operations (initial data encryption or key rotation), or rich computations (for example, pattern matching) were not supported inside the database. Users needed to move the data outside of the database to perform these operations on the client-side.
26
26
27
27
Always Encrypted *with secure enclaves* addresses these limitations by allowing computations on plaintext data inside a secure enclave on the server side. A secure enclave is a protected region of memory within the SQL Server process, and acts as a trusted execution environment for processing sensitive data inside the SQL Server engine. A secure enclave appears as a black box to the rest of the SQL Server and other processes on the hosting machine. There is no way to view any data or code inside the enclave from the outside, even with a debugger.
28
28
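Review bot: the corrected paragraph uses "on the client side" in its first sentence and "on the client-side" in its last; the closing one is a noun phrase and should be unhyphenated to match. The number agreement fix ("operations ... were") is fine, though the parenthetical "(and equality comparisons were only available with deterministic encryption)" now repeats "equality comparisons were" back to back and could be shortened to "(and only with deterministic encryption)".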
@@ -59,7 +59,7 @@ The secure enclave inside the SQL Server Engine can access sensitive data stored
59
59
60
60
The process of verifying the enclave is called **enclave attestation**, and it usually involves a client driver within the application (and sometimes also SQL Server) contacting an external attestation service. The specifics of the attestation process depend on the enclave technology and the attestation service.
61
61
62
-
The attestation process, SQL Server supports for VBS secure enclaves in SQL Server vNext CTP is Windows Defender System Guard runtime attestation, which uses Host Guardian Service (HGS) as an attestation service. You need to configure HGS in your environment and register the machine hosting your SQL Server instance in HGS. You also must configure you client applications or tools (for example, SQL Server Management Studio) with an HGS attestation.
62
+
The attestation process SQL Server supports for VBS secure enclaves in SQL Server 2019 CTP 2.0 is Windows Defender System Guard runtime attestation, which uses Host Guardian Service (HGS) as an attestation service. You need to configure HGS in your environment and register the machine hosting your SQL Server instance in HGS. You also must configure you client applications or tools (for example, SQL Server Management Studio) with an HGS attestation.
63
63
64
64
## Secure Enclave Providers
65
65
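Review bot: the rewritten attestation paragraph still says "You also must configure you client applications or tools", which should be "your client applications". The sentence also ends at "with an HGS attestation." without saying what attestation setting the client needs; since this is the step a deployer must get right for enclave verification to happen, complete the noun phrase from the source material or link to the configuration topic.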
@@ -132,7 +132,7 @@ The following limitations apply to the current Preview, but are on the roadmap t
132
132
133
133
- The only supported key stores for storing enclave-enabled column master keys are Windows Certificate Store and Azure Key Vault.
134
134
135
-
- Tooling support for Always Encrypted with secure enclaves is currently incomplete. To trigger an in-place cryptographic operation via an ALTER TABLE Transact-SQL statement, you need to issue the statement using a query window in SSMS, or you can write your own program that issues the statement. The Set-SqlColumnEncryption cmdlet in the SqlServer PowerShell module and the Always Encrypted wizard in SQL Server Management Studio do not support in-place encryption yet - both tools currently move the data out of the database for cryptographic operations, event the column encryption keys used for the operations are enclave-enabled.
135
+
- Tooling support for Always Encrypted with secure enclaves is currently incomplete. To trigger an in-place cryptographic operation via an ALTER TABLE Transact-SQL statement, you need to issue the statement using a query window in SSMS, or you can write your own program that issues the statement. The Set-SqlColumnEncryption cmdlet in the SqlServer PowerShell module and the Always Encrypted wizard in SQL Server Management Studio do not support in-place encryption yet - both tools currently move the data out of the database for cryptographic operations, even if the column encryption keys used for the operations are enclave-enabled.
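Review bot: the security-relevant caveat in this bullet sits at the very end of a long sentence: both Set-SqlColumnEncryption and the Always Encrypted wizard "currently move the data out of the database for cryptographic operations, even if the column encryption keys used for the operations are enclave-enabled." Readers who assume enclave-enabled keys imply in-place encryption can miss it. Suggest splitting it into its own sentence or sub-bullet, and replacing the " - " separator with a period.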