Bringing even with master.

v-alje · v-alje · commit b764da511522 · 2018-04-16T17:08:53.000-07:00
diff --git a/docs/connect/homepage-sql-connection-programming.md b/docs/connect/homepage-sql-connection-programming.md
@@ -2,7 +2,7 @@
 title: "Homepage for SQL client programming | Microsoft Docs"
 description: "Hub page with annotated links to downloads and documentation for numerous combinations of languages and operating systems, for connecting to SQL Server or to Azure SQL Database."
 author: "MightyPen"
-ms.date: "11/29/2017"
+ms.date: "04/16/2018"
 ms.prod: "sql"
 ms.prod_service: "drivers"
 ms.service: ""
diff --git a/docs/docfx.json b/docs/docfx.json
@@ -56,6 +56,16 @@
 
       "monikerRange": {
 
+        "ado/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "connect/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "data-quality-services/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "dma/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "master-data-services/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "odbc/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "reporting-services/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "sql-operations-studio/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "ssma/**/*.md": ">= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+
         "advanced-analytics/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions",
         "analysis-services/**/*.md": ">= sql-analysis-services-2016 || = sqlallproducts-allversions",
         "analytics-platform-system/**/*.md": ">= aps-pdw-2016 || = sqlallproducts-allversions",
@@ -66,11 +76,10 @@
         "mdx/**/*.md": ">= sql-analysis-services-2016 || = sqlallproducts-allversions",
         "powershell/**/*.md": ">= aps-pdw-2016 || = azure-sqldw-latest || = azuresqldb-current || >= sql-server-2016 || = sqlallproducts-allversions",
         "relational-databases/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions",
-        "reporting-services/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions",
         "samples/**/*.md": "= azuresqldb-current || >= sql-server-2016 || = sqlallproducts-allversions",
-        "ssdt/**/*.md": ">= ssdt-15vs2017 || = sqlallproducts-allversions",
-        "ssms/**/*.md": ">= aps-pdw-2016 || = azure-sqldw-latest || = azuresqldb-current || >= sql-server-2016 || = sqlallproducts-allversions",
         "sql-server/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions",
+        "ssdt/**/*.md": ">= ssdt-15vs2017 || >= sql-server-2016 || >= sql-server-linux-2017 || = azuresqldb-current || = azuresqldb-mi-current || = azure-sqldw-latest || >= aps-pdw-2016 || = sqlallproducts-allversions",
+        "ssms/**/*.md": ">= aps-pdw-2016 || = azure-sqldw-latest || = azuresqldb-current || >= sql-server-2016 || = sqlallproducts-allversions",
         "tools/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions",
         "t-sql/**/*.md": "= azuresqldb-current || >= sql-server-2016 || = sqlallproducts-allversions",
         "xquery/**/*.md": ">= sql-server-2016 || = sqlallproducts-allversions"
diff --git a/docs/relational-databases/import-export/reporting-import-flat-file-failures.md b/docs/relational-databases/import-export/reporting-import-flat-file-failures.md
@@ -22,15 +22,15 @@ monikerRange: "= azuresqldb-current || >= sql-server-2016 || = sqlallproducts-al
 ---
 # Reporting Import Flat File failures
 
-The [Import Flat File Wizard](https://docs.microsoft.com/en-us/sql/relational-databases/import-export/import-flat-file-wizard/) in SSMS is powered by the Microsoft PROSE SDK, which is a framework for automatic programming or data wrangling from input-output examples. Although the Wizard can convert most Flat File sources, the PROSE team will consider updates to their algorithm based on any failures you experience.
+The [Import Flat File Wizard](https://docs.microsoft.com/en-us/sql/relational-databases/import-export/import-flat-file-wizard/) in SSMS is powered by the [Microsoft PROSE SDK](https://microsoft.github.io/prose/), which is a framework for automatic programming or data wrangling from input-output examples. Although the Wizard can convert most Flat File sources, the PROSE team will consider updates to their algorithm based on any failures you experience.
 
 ## Send an email
 
 If you run into an import failure or have a suggestion for feature improvement, send an email to sqltoolsprosesupport@microsoft.com
 
 In this email:
 - Include which version of SSMS you are running (**Help** -> **About**)
-- Attach a snippet/sample of your flat file (**Do not include any Personal identifiable information (PII)**) 
+- Attach a snippet/sample of your flat file, say the first few lines including column names (**Do not include any Personal identifiable information (PII)**) 
 - Brief description of the error you are running into and how you would like it to behave
 
 Sending this sample helps improve the Import Flat File Wizard experience since this information is directly sent to the PROSE team. Thank you for your help.
@@ -39,5 +39,5 @@ Sending this sample helps improve the Import Flat File Wizard experience since t
 
 Learn more about the wizard.
 
-- **Learn more about the Import Flat File Wizard** If you are looking for an overview of the Import Flat File wizard, see [Import Flat File Wizard](https://docs.microsoft.com/en-us/sql/relational-databases/import-export/import-flat-file-wizard/).
+- **Learn more about the Import Flat File Wizard.** If you are looking for an overview of the Import Flat File wizard, see [Import Flat File Wizard](https://docs.microsoft.com/en-us/sql/relational-databases/import-export/import-flat-file-wizard/).
 - **Learn more about PROSE.** If you are looking for an overview of the intelligent framework used by this wizard, see [PROSE SDK](https://microsoft.github.io/prose/).
diff --git a/docs/relational-databases/security/encryption/transparent-data-encryption-azure-sql.md b/docs/relational-databases/security/encryption/transparent-data-encryption-azure-sql.md
@@ -42,9 +42,9 @@ Microsoft also seamlessly moves and manages the keys as needed for geo-replicati
 > All newly created SQL databases are encrypted by default by using service-managed transparent data encryption. Existing databases before May 2017 and databases created through restore, geo-replication, and database copy aren't encrypted by default.
 >
 
-## Bring Your Own Key (preview)
+## Bring Your Own Key
 
-With Bring Your Own Key (in preview) support, you can take control over your transparent data encryption keys and control who can access them and when. Key Vault, which is the Azure cloud-based external key management system, is the first key management service that transparent data encryption has integrated with Bring Your Own Key support. With Bring Your Own Key support, the database encryption key is protected by an asymmetric key stored in Key Vault. The asymmetric key never leaves Key Vault. After the server has permissions to a key vault, the server sends basic key operation requests to it through Key Vault. You set the asymmetric key at the server level, and all databases under that server inherit it.
+With Bring Your Own Key support, you can take control over your transparent data encryption keys and control who can access them and when. Key Vault, which is the Azure cloud-based external key management system, is the first key management service that transparent data encryption has integrated with Bring Your Own Key support. With Bring Your Own Key support, the database encryption key is protected by an asymmetric key stored in Key Vault. The asymmetric key never leaves Key Vault. After the server has permissions to a key vault, the server sends basic key operation requests to it through Key Vault. You set the asymmetric key at the server level, and all databases under that server inherit it.
 
 With Bring Your Own Key support, you now can control key management tasks such as key rotations and key vault permissions. You also can delete keys and enable auditing/reporting on all encryption keys. Key Vault provides central key management and uses tightly monitored hardware security modules. Key Vault promotes separation of management of keys and data to help meet regulatory compliance. To learn more about Key Vault, see the [Key Vault documentation page](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault).
 
diff --git a/docs/relational-databases/security/encryption/transparent-data-encryption-byok-azure-sql-configure.md b/docs/relational-databases/security/encryption/transparent-data-encryption-byok-azure-sql-configure.md
@@ -21,11 +21,11 @@ ms.author: "aliceku"
 monikerRange: "= azuresqldb-current || = azure-sqldw-latest || = sqlallproducts-allversions"
 ---
 
-# PowerShell and CLI: Enable Transparent Data Encryption using your own key from Azure Key Vault (Preview)
+# PowerShell and CLI: Enable Transparent Data Encryption using your own key from Azure Key Vault
 
 [!INCLUDE[appliesto-xx-asdb-asdw-xxx-md](../../../includes/appliesto-xx-asdb-asdw-xxx-md.md)]
 
-This how-to guide walks through how to use a key from Azure Key Vault for Transparent Data Encryption (TDE) (in preview) on a SQL Database or Data Warehouse. To learn more about the TDE with Bring Your Own Key (BYOK) Support (in preview), visit [TDE Bring Your Own Key to Azure SQL](transparent-data-encryption-byok-azure-sql.md). 
+This how-to guide walks through how to use a key from Azure Key Vault for Transparent Data Encryption (TDE) on a SQL Database or Data Warehouse. To learn more about the TDE with Bring Your Own Key (BYOK) Support, visit [TDE Bring Your Own Key to Azure SQL](transparent-data-encryption-byok-azure-sql.md). 
 
 ## Prerequisites for PowerShell
 
diff --git a/docs/relational-databases/security/encryption/transparent-data-encryption-byok-azure-sql.md b/docs/relational-databases/security/encryption/transparent-data-encryption-byok-azure-sql.md
@@ -17,11 +17,11 @@ ms.workload: "On Demand"
 ms.tgt_pltfrm: ""
 
 ms.topic: "article"
-ms.date: "04/03/2018"
+ms.date: "04/16/2018"
 ms.author: "aliceku"
 monikerRange: "= azuresqldb-current || = azure-sqldw-latest || = sqlallproducts-allversions"
 --- 
-# Transparent Data Encryption with Bring Your Own Key (PREVIEW) support for Azure SQL Database and Data Warehouse
+# Transparent Data Encryption with Bring Your Own Key support for Azure SQL Database and Data Warehouse
 [!INCLUDE[appliesto-xx-asdb-asdw-xxx-md](../../../includes/appliesto-xx-asdb-asdw-xxx-md.md)]
 
 Bring Your Own Key (BYOK) support for [Transparent Data Encryption (TDE)](transparent-data-encryption.md) allows you to encrypt the Database Encryption Key (DEK) with an asymmetric key called TDE Protector.  The TDE Protector is stored under your control in [Azure Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault), Azure’s cloud-based external key management system. Azure Key Vault is the first key management service with which TDE has integrated support for BYOK. The TDE DEK, which is stored on the boot page of a database is encrypted and decrypted by the TDE protector. The TDE Protector is stored in Azure Key Vault and never leaves the key vault. If the server's access to the key vault is revoked, a database cannot be decrypted and read into memory.  The TDE protector is set at the logical server level and is inherited by all databases associated with that server. 
@@ -120,7 +120,8 @@ The following section will go over the setup and configuration steps in more det
 ### Azure Key Vault Configuration Steps
 
 - Install [PowerShell](https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-5.6.0) 
-- Create two Azure Key Vaults in two different regions using [PowerShell to enable the “soft-delete” property](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-soft-delete-powershell) on the key vaults (this option is not available from the AKV Portal yet – but required by SQL) 
+- Create two Azure Key Vaults in two different regions using [PowerShell to enable the “soft-delete” property](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-soft-delete-powershell) on the key vaults (this option is not available from the AKV Portal yet – but required by SQL).
+- Both Azure Key Vaults must be located in the two regions available in the same Azure Geo in order for backup and restore of keys to work.  If you need the two key vaults to be located in different geos to meet SQL Geo-DR requirements, follow the [BYOK Process](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-hsm-protected-keys) that allows keys to be imported from an on-prem HSM.
 - Create a new key in the first key vault:  
   - RSA/RSA-HSA 2048 key 
   - No expiration dates 
diff --git a/docs/sql-server/stretch-database/stretch-database.md b/docs/sql-server/stretch-database/stretch-database.md
@@ -45,7 +45,7 @@ ms.workload: "On Demand"
  Enjoy peace of mind as you stretch your most important applications securely to the cloud. SQL Server’s Always Encrypted provides encryption for your data in motion. Row Level Security (RLS) and other advanced SQL Server security features also work with Stretch Database to protect your data.  
   
 ## What does Stretch Database do?  
- After you enable Stretch Database for a SQL Server instance, a database, and at least one table, Stretch Database silently begins to migrate your cold data to Azure.  
+ After you enable Stretch Database for a SQL Server instance, a database, and select at least one table, Stretch Database silently begins to migrate your cold data to Azure.  
   
 -   If you store cold data in a separate table, you can migrate the entire table.  
   
diff --git a/docs/t-sql/functions/certproperty-transact-sql.md b/docs/t-sql/functions/certproperty-transact-sql.md
@@ -47,42 +47,42 @@ CertProperty ( Cert_ID , '<PropertyName>' )
   
 ## Arguments  
 *Cert_ID*  
-Is the ID of the certificate. *Cert_ID* is an int.
+The certificate ID value, of data type int.
   
 *Expiry_Date*  
-Is the date of expiration of the certificate.
+The certificate expiration date.
   
 *Start_Date*  
-Is the date when the certificate becomes valid.
+The date when the certificate becomes valid.
   
 *Issuer_Name*  
-Is the issuer name of the certificate.
+The name of the certificate issuer.
   
 *Cert_Serial_Number*  
-Is the certificate serial number.
+The certificate serial number.
   
 *Subject*  
-Is the subject of the certificate.
+The certificate subject.
   
  *SID*  
-Is the SID of the certificate. This is also the SID of any login or user mapped to this certificate.
+The certificate SID. This is also the SID of any login or user mapped to this certificate.
   
 *String_SID*  
-Is the SID of the certificate as a character string. This is also the SID of any login or user mapped to the certificate.
+The SID of the certificate as a character string. This is also the SID of any login or user mapped to the certificate.
   
 ## Return types
-The property specification must be enclosed in single quotation marks.
+Single quotation marks must enclose the property specification.
   
-The return type depends on the property that is specified in the function call. All return values are wrapped in the return type of **sql_variant**.
+The return type depends on the property specified in the function call. The return type **sql_variant** wraps all return values.
 -   *Expiry_Date* and *Start_Date* return **datetime**.  
--   *Cert_Serial_Number*, *Issuer_Name*, *Subject*, and *String_SID* return **nvarchar**.  
+-   *Cert_Serial_Number*, *Issuer_Name*, *String_SID*, and *Subject* all return **nvarchar**.  
 -   *SID* returns **varbinary**.  
   
 ## Remarks  
-Information about certificates is visible in the [sys.certificates](../../relational-databases/system-catalog-views/sys-certificates-transact-sql.md) catalog view.
+See certificate information in the [sys.certificates](../../relational-databases/system-catalog-views/sys-certificates-transact-sql.md) catalog view.
   
 ## Permissions  
-Requires some permission on the certificate and that the caller has not been denied VIEW DEFINITION permission on the certificate.
+Requires appropriate permission(s) on the certificate, and requires that the caller has not been denied VIEW permission on the certificate. See [CREATE CERTIFICATE &#40;Transact-SQL&#41;](../../t-sql/statements/create-certificate-transact-sql.md) and [GRANT CERTIFICATE PERMISSIONS &#40;Transact-SQL&#41;](../../t-sql/statements/grant-certificate-permissions-transact-sql.md) for more information about certificate permissions.
   
 ## Examples  
 The following example returns the certificate subject.
@@ -91,7 +91,7 @@ The following example returns the certificate subject.
 -- First create a certificate.  
 CREATE CERTIFICATE Marketing19 WITH   
     START_DATE = '04/04/2004' ,  
-    EXPIRY_DATE = '07/07/2007' ,  
+    EXPIRY_DATE = '07/07/2040' ,  
     SUBJECT = 'Marketing Print Division';  
 GO  
   

Original file line number	Diff line number	Diff line change
`@@ -42,9 +42,9 @@ Microsoft also seamlessly moves and manages the keys as needed for geo-replicati`
`42`	`42`	`> All newly created SQL databases are encrypted by default by using service-managed transparent data encryption. Existing databases before May 2017 and databases created through restore, geo-replication, and database copy aren't encrypted by default.`
`43`	`43`	`>`
`44`	`44`
`45`		`-## Bring Your Own Key (preview)`
	`45`	`+## Bring Your Own Key`
`46`	`46`
`47`		-With Bring Your Own Key (in preview) support, you can take control over your transparent data encryption keys and control who can access them and when. Key Vault, which is the Azure cloud-based external key management system, is the first key management service that transparent data encryption has integrated with Bring Your Own Key support. With Bring Your Own Key support, the database encryption key is protected by an asymmetric key stored in Key Vault. The asymmetric key never leaves Key Vault. After the server has permissions to a key vault, the server sends basic key operation requests to it through Key Vault. You set the asymmetric key at the server level, and all databases under that server inherit it.
	`47`	+With Bring Your Own Key support, you can take control over your transparent data encryption keys and control who can access them and when. Key Vault, which is the Azure cloud-based external key management system, is the first key management service that transparent data encryption has integrated with Bring Your Own Key support. With Bring Your Own Key support, the database encryption key is protected by an asymmetric key stored in Key Vault. The asymmetric key never leaves Key Vault. After the server has permissions to a key vault, the server sends basic key operation requests to it through Key Vault. You set the asymmetric key at the server level, and all databases under that server inherit it.
`48`	`48`
`49`	`49`	With Bring Your Own Key support, you now can control key management tasks such as key rotations and key vault permissions. You also can delete keys and enable auditing/reporting on all encryption keys. Key Vault provides central key management and uses tightly monitored hardware security modules. Key Vault promotes separation of management of keys and data to help meet regulatory compliance. To learn more about Key Vault, see the [Key Vault documentation page](https://docs.microsoft.com/azure/key-vault/key-vault-secure-your-key-vault).
`50`	`50`