
Commit ddfddd6

Merge pull request #23935 from MicrosoftDocs/main
8/29 PM Publish
2 parents b564c19 + 292f1a9 commit ddfddd6

5 files changed

Lines changed: 80 additions & 26 deletions

azure-sql/managed-instance/connectivity-architecture-overview.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -131,9 +131,9 @@ These rules are necessary to ensure outbound management traffic flow. See [parag
131131
### Mandatory user defined routes with service-aided subnet configuration
132132
These routes are necessary to ensure that management traffic is routed directly to a destination. See [paragraph above](#high-level-connectivity-architecture) for more information on connectivity architecture and management traffic.
133133

134-
|Name|Address prefix|Next hop|
134+
|Name|Address prefix|Next hop <sup>2</sup>|
135135
|----|--------------|-------|
136-
|subnet-to-vnetlocal|MI SUBNET|Virtual network|
136+
|subnet-to-vnetlocal|MI SUBNET <sup>1</sup>|Virtual network|
137137
|mi-azurecloud-REGION-internet|AzureCloud.REGION|Internet|
138138
|mi-azurecloud-REGION_PAIR-internet|AzureCloud.REGION_PAIR|Internet|
139139
|mi-azuremonitor-internet|AzureMonitor|Internet|
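Review bot: the footnote marker `<sup>2</sup>` added at 134+ is attached to the whole "Next hop" column header, but the footnote it refers to (153+ in the next hunk) only describes the case where the next hop is Internet and the destination is an Azure service. Either place the marker on the "Internet" cells of the rows it applies to, or reword the footnote so it is clear it does not describe the "Virtual network" next hop in the `subnet-to-vnetlocal` row.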
@@ -148,9 +148,9 @@ These routes are necessary to ensure that management traffic is routed directly
148148
|mi-azureactivedirectory-internet|AzureActiveDirectory|Internet|
149149

150150

151-
\* MI SUBNET refers to the IP address range for the subnet in the form x.x.x.x/y. You can find this information in the Azure portal, in subnet properties.
151+
<sup>1</sup> MI SUBNET refers to the IP address range for the subnet in the form x.x.x.x/y. You can find this information in the Azure portal, in subnet properties.
152152

153-
\** If the destination address is for one of Azure's services, Azure routes the traffic directly to the service over Azure's backbone network, rather than routing the traffic to the Internet. Traffic between Azure services does not traverse the Internet, regardless of which Azure region the virtual network exists in, or which Azure region an instance of the Azure service is deployed in. For more details check [UDR documentation page](/azure/virtual-network/virtual-networks-udr-overview).
153+
<sup>2</sup> If the destination address is for one of Azure's services, Azure routes the traffic directly to the service over Azure's backbone network, rather than routing the traffic to the Internet. Traffic between Azure services does not traverse the Internet, regardless of which Azure region the virtual network exists in, or which Azure region an instance of the Azure service is deployed in. For more details check [UDR documentation page](/azure/virtual-network/virtual-networks-udr-overview).
154154

155155
In addition, you can add entries to the route table to route traffic that has on-premises private IP ranges as a destination through the virtual network gateway or virtual network appliance (NVA).
156156
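Review bot: switching from the escaped `\*` / `\**` markers to numbered `<sup>` markers at 151+ and 153+ is the right fix, since the old asterisks rendered inconsistently. Two style points on the otherwise unchanged footnote text: "in the form x.x.x.x/y" would be clearer as "in CIDR notation (for example, x.x.x.x/y)", and the closing "For more details check [UDR documentation page](...)" should follow the usual docs phrasing, "For more information, see the [UDR documentation page](/azure/virtual-network/virtual-networks-udr-overview)."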

docs/linux/quickstart-install-connect-docker.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -551,7 +551,11 @@ The following steps use the [!INCLUDE [ssnoversion-md](../includes/ssnoversion-m
551551
```
552552

553553
> [!TIP]
554-
> You can omit the password on the command-line to be prompted to enter it.
554+
> You can omit the password on the command-line to be prompted to enter it. Here's an example:
555+
556+
```bash
557+
/opt/mssql-tools/bin/sqlcmd -S localhost -U SA
558+
```
555559

556560
3. If successful, you should get to a **sqlcmd** command prompt: `1>`.
557561
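Review bot: the tip at 554+ says what to do but not why; add the reason, since it is the security point of the tip: a password passed with `-P` on the command line is recorded in the shell history and is visible to other users in the process list, whereas the interactive prompt keeps it out of both. Suggested wording for 554+: "You can omit the password on the command line to be prompted to enter it, which keeps the password out of your shell history. Here's an example:".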

docs/relational-databases/security/trustworthy-database-property.md

Lines changed: 65 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
title: "TRUSTWORTHY Database Property | Microsoft Docs"
33
description: Learn about the TRUSTWORTHY database property, which indicates whether the instance of SQL Server trusts the database and its contents. The default is OFF.
44
ms.custom: ""
5-
ms.date: "03/14/2017"
5+
ms.date: 08/24/2022
66
ms.prod: sql
77
ms.prod_service: security
88
ms.reviewer: ""
@@ -14,26 +14,75 @@ ms.assetid: 64b2a53d-4416-4a19-acc0-664a61b45348
1414
author: VanMSFT
1515
ms.author: vanto
1616
---
17-
# TRUSTWORTHY Database Property
17+
18+
# TRUSTWORTHY database property
19+
1820
[!INCLUDE [SQL Server](../../includes/applies-to-version/sqlserver.md)]
19-
The TRUSTWORTHY database property is used to indicate whether the instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] trusts the database and the contents within it. By default, this setting is OFF, but can be set to ON by using the ALTER DATABASE statement. For example, `ALTER DATABASE AdventureWorks2012 SET TRUSTWORTHY ON;`.
21+
The TRUSTWORTHY database property is used to indicate whether the instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] trusts the database and the contents within it. By default, this setting is OFF, but can be set to ON by using the `ALTER DATABASE` statement. For example, `ALTER DATABASE AdventureWorks2012 SET TRUSTWORTHY ON;`.
2022

2123
> [!NOTE]
22-
> To set this option, you must be a member of the **sysadmin** fixed server role.
24+
> To set this option, you must be a member of the **sysadmin** fixed server role.
25+
26+
We recommend that you leave the TRUSTWORTHY database property set to OFF to mitigate certain threats that can exist as a result of attaching a database that contains one of the following objects:
2327

24-
This property can be used to reduce certain threats that can exist as a result of attaching a database that contains one of the following objects:
28+
- Malicious assemblies with an EXTERNAL_ACCESS or UNSAFE permission setting. For more information, see [CLR Integration Security](../../relational-databases/clr-integration/security/clr-integration-security.md).
2529

26-
- Malicious assemblies with an EXTERNAL_ACCESS or UNSAFE permission setting. For more information, see [CLR Integration Security](../../relational-databases/clr-integration/security/clr-integration-security.md).
30+
- Malicious modules that are defined to execute as high privileged users. For more information, see [EXECUTE AS Clause (Transact-SQL)](../../t-sql/statements/execute-as-clause-transact-sql.md).
2731

28-
- Malicious modules that are defined to execute as high privileged users. For more information, see [EXECUTE AS Clause &#40;Transact-SQL&#41;](../../t-sql/statements/execute-as-clause-transact-sql.md).
29-
30-
Both of these situations require a specific degree of privileges and are protected against by appropriate mechanisms when they are used in the context of a database that is already attached to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. However, if the database is taken offline, a user that has access to the database file can potentially attach it to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] of his or her choice and add malicious content to the database. When databases are detached and attached in [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)], certain permissions are set on the data and log files that restrict access to the database files.
31-
32-
Because a database that is attached to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] cannot be immediately trusted, the database is not allowed to access resources beyond the scope of the database until the database is explicitly marked trustworthy. Therefore, if you backup or detach a database that has the TRUSTWORTHY option ON and you attach or restore the database to the same or another SQL Server instance, the TRUSTWORTHY property will be set to OFF upon attach/restore completion. Also, modules that are designed to access resources outside the database, and assemblies with either the EXTERNAL_ACCESS and UNSAFE permission setting, have additional requirements in order to run successfully.
33-
34-
## Related Content
35-
[Security Center for SQL Server Database Engine and Azure SQL Database](../../relational-databases/security/security-center-for-sql-server-database-engine-and-azure-sql-database.md)
36-
37-
[ALTER DATABASE &#40;Transact-SQL&#41;](../../t-sql/statements/alter-database-transact-sql.md)
32+
Both situations require a specific degree of privilege and are protected by appropriate mechanisms when they are used in the context of a database that is already attached to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. However, if the database is taken offline, if you have access to the database file you can potentially attach it to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] of your choice and add malicious content to the database. When databases are detached and attached in [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)], certain permissions are set on the data and log files that restrict access to the database files.
3833

34+
Because a database that is attached to an instance of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] can't be immediately trusted, the database isn't allowed to access resources beyond the scope of the database until the database is explicitly marked trustworthy. Therefore, if you back up or detach a database that has the TRUSTWORTHY option ON and you attach or restore the database to the same or another SQL Server instance, the TRUSTWORTHY property will be set to OFF when attach or restore is completed. Also, modules that are designed to access resources outside the database, and assemblies with either the EXTERNAL_ACCESS and UNSAFE permission setting, have additional requirements to run successfully.
35+
36+
> [!NOTE]
37+
> By default, the TRUSTWORTHY setting is set to ON for the `msdb` database. If you change this setting from its default value, it might result in unexpected behavior by SQL Server components that use the `msdb` database.
38+
39+
If the TRUSTWORTHY setting is set to ON, and if the owner of the database is a member of a group that has administrative credentials, such as the sysadmin group, the database owner can then be able to create and run unsafe assemblies that can compromise the instance of the SQL Server.
40+
41+
## More information
42+
43+
In an Internet Service Provider (ISP) environment (for example, in a web-hosting service), each customer is permitted to manage their own database and is restricted from accessing system databases and other user databases. For example, the databases of two competing companies could be hosted by the same ISP and exist in the same instance of SQL Server. Dangerous code could be added to a user database when the database is attached to its original instance, and the code would be enabled on the ISP instance when the database is deployed. This situation makes controlling cross-database access crucial.
44+
45+
If the same general entity owns and manages each database, it is still not a good practice to establish a trust relationship with a database unless an application-specific feature, such as a cross-database Service Broker communication, is required. A trust relationship between databases can be established by enabling cross-database ownership chaining or by marking a database as trusted by the instance using the TRUSTWORTHY property. The `is_trustworthy_on` column of the `sys.databases` catalog view indicates if a database has its TRUSTWORTHY property set.
46+
47+
The best practices for database ownership and trust include the following:
48+
49+
- Have distinct owners for databases. Not all databases should be owned by the system administrator.
50+
- Limit the number of owners for each database.
51+
- Confer trust selectively.
52+
- Leave the [cross db ownership chaining](../../database-engine/configure-windows/cross-db-ownership-chaining-server-configuration-option.md) setting set to OFF unless multiple databases are deployed at a single unit.
53+
- Migrate usage to selective trust instead of using the TRUSTWORTHY property.
54+
55+
The following code sample can be used to obtain a list of databases that have the TRUSTWORTHY property set to ON and whose database owner belongs to the **sysadmin** server role.
56+
57+
```sql
58+
SELECT SUSER_SNAME(owner_sid) AS DBOWNER, d.name AS DATABASENAME
59+
FROM sys.server_principals r
60+
INNER JOIN sys.server_role_members m ON r.principal_id = m.role_principal_id
61+
INNER JOIN sys.server_principals p ON p.principal_id = m.member_principal_id
62+
INNER JOIN sys.databases d ON suser_sname(d.owner_sid) = p.name
63+
WHERE is_trustworthy_on = 1 AND d.name NOT IN ('msdb') AND r.type = 'R' AND r.name = N'sysadmin'
64+
```
65+
66+
You can run the following query to determine the TRUSTWORTHY property of the `msdb` database:
67+
68+
```sql
69+
SELECT name, trustworthy_setting =
70+
CASE is_trustworthy_on
71+
WHEN 1 THEN 'Trustworthy setting is ON for msdb'
72+
ELSE 'Trustworthy setting is OFF for msdb'
73+
END
74+
FROM sys.databases WHERE database_id = 4
75+
```
76+
77+
If this query shows that the TRUSTWORTHY property is set to OFF, you can run the following query to set the TRUSTWORTHY property to ON.
78+
79+
```sql
80+
ALTER DATABASE msdb SET TRUSTWORTHY ON;
81+
GO
82+
```
3983

84+
## Next steps
85+
86+
- [Security Center for SQL Server Database Engine and Azure SQL Database](../../relational-databases/security/security-center-for-sql-server-database-engine-and-azure-sql-database.md)
87+
- [ALTER DATABASE (Transact-SQL)](../../t-sql/statements/alter-database-transact-sql.md)
88+
- [Extending Database Impersonation by Using EXECUTE AS](/previous-versions/sql/sql-server-2008-r2/ms188304(v=sql.105))
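Review bot: the closing step at 77+ to 82+ ("If this query shows that the TRUSTWORTHY property is set to OFF, you can run the following query to set the TRUSTWORTHY property to ON.") reads as a general instruction, while 26+ recommends leaving TRUSTWORTHY OFF and 53+ recommends migrating away from it. State explicitly that this step applies only to `msdb`, where ON is the documented default (37+), so a reader does not apply it to user databases. Two smaller points: the audit query at 58+ to 63+ joins `sys.databases` through `suser_sname(d.owner_sid) = p.name`; joining on `d.owner_sid = p.sid` compares the owner SID directly instead of a name round-trip and is not affected by collation. And 39+ "the database owner can then be able to create and run unsafe assemblies" should read "the database owner can then create and run unsafe assemblies".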

docs/sql-server/what-s-new-in-sql-server-2022.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@ The [intelligent query processing (IQP)](../relational-databases/performance/int
130130
| New feature or update | Details |
131131
|:---|:---|
132132
| Integrated setup experience for the Azure extension for SQL Server | Install the Azure extension for SQL Server at setup. Required for Azure integration features. For more information, see:</br>- [Install SQL Server from the Command Prompt](../database-engine/install-windows/install-sql-server-from-the-command-prompt.md#install-sql-server-from-the-command-prompt) <br/>- [Install SQL Server from the Installation Wizard (Setup)](../database-engine/install-windows/install-sql-server-from-the-installation-wizard-setup.md?view=sql-server-ver16&preserve-view=true).|
133-
| Manage Azure Arc SQL Extension | Use SQL Server Configuration Manager to manage Azure Arc SQL Extension service. See [SQL Server Configuration Manager](../relational-databases/sql-server-configuration-manager.md). |
133+
| Manage Azure extension for SQL Server | Use SQL Server Configuration Manager to manage Azure extension for SQL Server service. Required to create Azure Arc-enabled SQL Server instance, and for other Azure connected features. See [SQL Server Configuration Manager](../relational-databases/sql-server-configuration-manager.md). |
134134
| Max server memory calculations | During setup, SQL Setup recommends a value for max server memory to align with documented recommendations. The underlying calculation is different in SQL Server 2022 to reflect recommended [server memory configuration options](../database-engine/configure-windows/server-memory-server-configuration-options.md). |
135135
| Accelerated Database Recovery (ADR) improvements | There are several improvements to address persistent version store (PVS) storage and improve overall scalability. SQL Server 2022 implements a persistent version store cleaner thread per database instead of per instance and the memory footprint for PVS page tracker has been improved. There are also a number of ADR efficiency improvements, such as concurrency improvements that help the cleanup process to work more efficiently. ADR cleans pages that couldn't previously be cleaned due to locking.<br/><br/>See [ADR improvements in SQL Server 2022 (16.x) Preview](../relational-databases/accelerated-database-recovery-concepts.md#adr-improvements-in-).|
136136
| Improved snapshot backup support | Adds Transact-SQL support for freezing and thawing I/O without requiring a VDI client. [Create a Transact-SQL snapshot backup](../relational-databases/backup-restore/create-a-transact-sql-snapshot-backup.md).|
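Review bot: the replacement row at 133+ has two grammar slips: "Required to create Azure Arc-enabled SQL Server instance" is missing an article ("an Azure Arc-enabled SQL Server instance"), and "manage Azure extension for SQL Server service" reads better as "manage the Azure extension for SQL Server service".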

docs/t-sql/functions/rtrim-transact-sql.md

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: "RTRIM (Transact-SQL)"
44
author: MikeRayMSFT
55
ms.author: mikeray
66
ms.reviewer: randolphwest
7-
ms.date: 08/22/2022
7+
ms.date: 08/29/2022
88
ms.prod: sql
99
ms.prod_service: "database-engine, sql-database, synapse-analytics, pdw"
1010
ms.technology: t-sql
@@ -63,9 +63,7 @@ RTRIM ( character_expression )
6363

6464
#### *character_expression*
6565

66-
An [expression](../../t-sql/language-elements/expressions-transact-sql.md) of character data. *character_expression* can be a constant, variable, or column of either character or binary data.
67-
68-
*character_expression* must be of a data type that is implicitly convertible to **varchar**. Otherwise, use [CAST](../../t-sql/functions/cast-and-convert-transact-sql.md) to explicitly convert *character_expression*.
66+
An [expression](../../t-sql/language-elements/expressions-transact-sql.md) of character or binary data. *character_expression* can be a constant, variable, or column. *character_expression* must be of a data type, except **text**, **ntext**, and **image**, that is implicitly convertible to **varchar**. Otherwise, use [CAST](../../t-sql/functions/cast-and-convert-transact-sql.md) to explicitly convert *character_expression*.
6967

7068
::: moniker range=">=sql-server-ver16 || >=sql-server-linux-ver16"
7169
#### *characters*
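Review bot: the merged sentence at 66+ nests the exclusion awkwardly ("must be of a data type, except **text**, **ntext**, and **image**, that is implicitly convertible to **varchar**"). Splitting it makes the rule unambiguous: "*character_expression* must be of a data type that is implicitly convertible to **varchar**; **text**, **ntext**, and **image** aren't supported. Otherwise, use [CAST](...) to explicitly convert *character_expression*."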
@@ -123,6 +121,8 @@ Four spaces are after the period in this sentence. Next string.
123121
Four spaces are after the period in this sentence. Next string.
124122
```
125123

124+
::: moniker range=">=sql-server-ver16 || >=sql-server-linux-ver16"
125+
126126
### C. Remove specified characters from the end of a string
127127

128128
The following example removes the characters `abc.` from the end of the `.123abc.` string.
@@ -136,6 +136,7 @@ SELECT RTRIM('.123abc.' , 'abc.');
136136
```output
137137
.123
138138
```
139+
::: moniker-end
139140

140141
## See also
141142
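Review bot: the `::: moniker-end` at 139+ sits directly below the closing ``` fence of the output block, while the matching `::: moniker range` opener at 124+ in the previous hunk is separated from its neighbours by blank lines (123 before, 125+ after). Add a blank line before `::: moniker-end` so the open and close markers are formatted consistently.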
