Merge pull request #19053 from MicrosoftDocs/master

huypub · web-flow · commit 09122d02fc3d · 2021-04-07T15:40:24.000-07:00
4/07 PM Publish
diff --git a/docs/database-engine/configure-windows/common-criteria-compliance-enabled-server-configuration-option.md b/docs/database-engine/configure-windows/common-criteria-compliance-enabled-server-configuration-option.md
@@ -1,11 +1,8 @@
 ---
-title: "Common Criteria Compliance Enabled Configuration | Microsoft Docs"
-description: Learn which criteria the common criteria compliance option enables in SQL Server, and see how to comply with Common Criteria Evaluation Assurance Level 4+.
-ms.custom: ""
-ms.date: "08/21/2018"
+title: Common Criteria Compliance Enabled Configuration
+description: Learn which criteria the common criteria compliance option enables in SQL Server. See how to comply with Common Criteria Evaluation Assurance Level. For EUCC certification approval. A world-wide compliance obligation across regulated industries and authorities.
 ms.prod: sql
 ms.prod_service: high-availability
-ms.reviewer: ""
 ms.technology: configuration
 ms.topic: conceptual
 f1_keywords: 
@@ -15,47 +12,53 @@ helpviewer_keywords:
   - "common criteria compliance [Database Engine]"
   - "Risidual Information Protection [Database Engine]"
   - "RIP (Residual Information Protection)"
-ms.assetid: 61766eea-c450-408d-af33-fbe7ef8c9ff2
-author: rothja
-ms.author: jroth
+author: markingmyname
+ms.author: maghan
+ms.reviewer: wopeter
+ms.custom: ""
+ms.date: 04/07/2021
 ---
+
 # Common Criteria Compliance Enabled Server Configuration
- [!INCLUDE [SQL Server](../../includes/applies-to-version/sqlserver.md)]
-
-The common criteria compliance option enables the following elements that are required for the [Common Criteria for Information Technology Security Evaluation](https://www.commoncriteriaportal.org/).  
-  
-|Criteria|Description|  
-|--------------|-----------------|  
-|Residual Information Protection (RIP)|RIP requires a memory allocation to be overwritten with a known pattern of bits before memory is reallocated to a new resource. Meeting the RIP standard can contribute to improved security; however, overwriting the memory allocation can slow performance. After the common criteria compliance enabled option is enabled, the overwriting occurs.|  
-|The ability to view login statistics|After the common criteria compliance enabled option is enabled, login auditing is enabled. Each time a user successfully logs in to [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)], information about the last successful login time, the last unsuccessful login time, and the number of attempts between the last successful and current login times is made available on a per-session basis. These login statistics can be viewed by querying the [sys.dm_exec_sessions](../../relational-databases/system-dynamic-management-views/sys-dm-exec-sessions-transact-sql.md) dynamic management view.|  
-|That column `GRANT` should not override table `DENY`|After the common criteria compliance enabled option is enabled, a table-level `DENY` takes precedence over a column-level `GRANT`. When the option is not enabled, a column-level `GRANT` takes precedence over a table-level `DENY`.|  
-  
- The common criteria compliance enabled option is an advanced option. Common criteria is only evaluated and certified for the Enterprise edition and Datacenter edition. For the latest status of common criteria certification, see the [Microsoft SQL Server Common Criteria](https://go.microsoft.com/fwlink/?LinkId=616319) Web site.  
-  
-> [!IMPORTANT]  
->  In addition to enabling the common criteria compliance enabled option, you also must download and run a script that finishes configuring [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] to comply with Common Criteria Evaluation Assurance Level 4+ (EAL4+). You can download this script from the [Microsoft SQL Server Common Criteria](https://go.microsoft.com/fwlink/?LinkId=616319) Web site.  
-  
- If you are using the `sp_configure` system stored procedure to change the setting, you can change common criteria compliance enabled only when show advanced options is set to 1. The setting takes effect after the server is restarted. The possible values are 0 and 1:  
-  
--   0 indicates that common criteria compliance is not enabled. This is the default.  
-  
--   1 indicates that common criteria compliance is enabled.  
-  
-## Examples  
- The following example enables common criteria compliance.  
-  
-```  
-sp_configure 'show advanced options', 1;  
-GO  
-RECONFIGURE;  
-GO  
-sp_configure 'common criteria compliance enabled', 1;  
-GO  
-RECONFIGURE WITH OVERRIDE; 
-GO  
-```  
-
-Restart [!INCLUDE[ssNoVersion_md](../../includes/ssnoversion-md.md)].
-  
-## See Also  
- [Server Configuration Options &#40;SQL Server&#41;](../../database-engine/configure-windows/server-configuration-options-sql-server.md)
+
+[!INCLUDE [SQL Server](../../includes/applies-to-version/sqlserver.md)]
+
+The common criteria compliance option enables the following elements that are required for the [Common Criteria for Information Technology Security Evaluation](https://www.commoncriteriaportal.org). A requirement for a world-wide compliance obligation across regulated industries and authorities.
+
+| Criteria | Description |
+|----------|-------------|
+| Residual Information Protection (RIP) | RIP requires a memory allocation to be overwritten with a known pattern of bits before memory is reallocated to a new resource. Meeting the RIP standard can contribute to improved security; however, overwriting the memory allocation can slow performance. After the common criteria compliance enabled option is enabled, the overwriting occurs. |
+|The ability to view login statistics | Login auditing is enabled after the common criteria compliance option is enabled. </br></br></br> Login times that are made available on a per-session basis each time a user successfully logs in to SQL Server: </br> - Information about the last successful login time </br> - The last unsuccessful login time </br> - The number of attempts between the last successful login and the current login. </br></br></br> These login statistics can be viewed by querying the [sys.dm_exec_sessions](../../relational-databases/system-dynamic-management-views/sys-dm-exec-sessions-transact-sql.md) dynamic management view. |
+|That column `GRANT` shouldn't override table `DENY` | After the common criteria compliance enabled option is enabled, a table-level `DENY` takes precedence over a column-level `GRANT`. When the option isn't enabled, a column-level `GRANT` takes precedence over a table-level `DENY`. |
+
+The common criteria compliance enabled option is an advanced option. Common criteria is only evaluated and certified for the Enterprise edition and Datacenter edition. For the latest status of common criteria certification, see the [Microsoft SQL Server Common Criteria](https://go.microsoft.com/fwlink/?LinkId=616319) site.
+
+> [!IMPORTANT]
+> In addition to enabling the common criteria compliance enabled option, you also must download and run a script that finishes configuring SQL Server to comply with Common Criteria Evaluation Assurance Level 4+ (EAL4+). You can download this script from the [Microsoft SQL Server Common Criteria](https://go.microsoft.com/fwlink/?LinkId=616319) site.
+
+If you're using the `sp_configure` system stored procedure to change the setting, you can change common criteria compliance enabled only when show advanced options is set to 1. The setting takes effect after the server is restarted. The possible values are 0 and 1:
+
+- 0 indicates that common criteria compliance isn't enabled (default).
+
+- 1 indicates that common criteria compliance is enabled.
+
+## Examples
+
+The following example enables common criteria compliance.
+
+```sql
+sp_configure 'show advanced options', 1;
+GO
+RECONFIGURE;
+GO
+sp_configure 'common criteria compliance enabled', 1;
+GO
+RECONFIGURE WITH OVERRIDE;
+GO
+```
+
+Restart SQL Server.
+
+## Next steps
+
+- [Server Configuration Options &#40;SQL Server&#41;](../../database-engine/configure-windows/server-configuration-options-sql-server.md)
diff --git a/docs/linux/sql-server-linux-release-notes-2019.md b/docs/linux/sql-server-linux-release-notes-2019.md
@@ -74,7 +74,7 @@ For manual or offline package installations, you can download the RPM and Debian
 |-----|-----|-----|
 | Red Hat RPM package | 15.0.4123.1-5 | [Engine RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-15.0.4123.1-5.x86_64.rpm)</br>[High Availability RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-ha-15.0.4123.1-5.x86_64.rpm)</br>[Full-text Search RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-fts-15.0.4123.1-5.x86_64.rpm)</br>[Extensibility RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-extensibility-15.0.4123.1-5.x86_64.rpm)</br>[Java Extensibility RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-extensibility-java-15.0.4123.1-5.x86_64.rpm)</br>[PolyBase RPM package](https://packages.microsoft.com/rhel/8/mssql-server-2019/mssql-server-polybase-15.0.4123.1-5.x86_64.rpm)|
 | SLES RPM package | 15.0.4123.1-5 | [mssql-server Engine RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-15.0.4123.1-5.x86_64.rpm)</br>[High Availability RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-ha-15.0.4123.1-5.x86_64.rpm)</br>[Full-text Search RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-fts-15.0.4123.1-5.x86_64.rpm)</br>[Extensibility RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-extensibility-15.0.4123.1-5.x86_64.rpm)</br>[Java Extensibility RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-extensibility-java-15.0.4123.1-5.x86_64.rpm)</br>[PolyBase RPM package](https://packages.microsoft.com/sles/12/mssql-server-2019/mssql-server-polybase-15.0.4123.1-5.x86_64.rpm)|
-| Ubuntu 18.04 Debian package | 15.0.4123.1-5 | [Engine Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server/mssql-server_15.0.4123.1-5_amd64.deb)</br>[High Availability Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-ha/mssql-server-ha_15.0.4123.1-5_amd64.deb)</br>[Full-text Search Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-fts/mssql-server-fts_15.0.4123.1-5_amd64.deb)</br>[Extensibility Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-extensibility/mssql-server-extensibility_15.0.4123.1-5_amd64.deb)</br>[Java Extensibility Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-extensibility-java/mssql-server-extensibility-java_15.0.4123.1-5_amd64.deb)</br>[PolyBase RPM package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-polybase/mssql-server-polybase_15.0.4123.1-5_amd64.deb)|
+| Ubuntu 20.04 Debian package | 15.0.4123.1-5 | [Engine Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server/mssql-server_15.0.4123.1-5_amd64.deb)</br>[High Availability Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-ha/mssql-server-ha_15.0.4123.1-5_amd64.deb)</br>[Full-text Search Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-fts/mssql-server-fts_15.0.4123.1-5_amd64.deb)</br>[Extensibility Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-extensibility/mssql-server-extensibility_15.0.4123.1-5_amd64.deb)</br>[Java Extensibility Debian package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-extensibility-java/mssql-server-extensibility-java_15.0.4123.1-5_amd64.deb)</br>[PolyBase RPM package](https://packages.microsoft.com/ubuntu/20.04/mssql-server-2019/pool/main/m/mssql-server-polybase/mssql-server-polybase_15.0.4123.1-5_amd64.deb)|
 
 ## <a id="cu9"></a> CU9 (February 2021)
 
diff --git a/docs/machine-learning/deploy/modify-r-python-code-to-run-in-sql-server.md b/docs/machine-learning/deploy/modify-r-python-code-to-run-in-sql-server.md
@@ -80,8 +80,7 @@ How much you change your code depends on whether you intend to submit the code f
 	,@script = N'R code here'
   ```
 
-+ Any variables that you pass in as parameters of the stored procedure [sp_execute_external_script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md) must be mapped to variables in the code. By default, variables are mapped by name. 
-  All columns in the input dataset must also be mapped to variables in the script.
++ Any variables that you pass in as parameters of the stored procedure [sp_execute_external_script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md) must be mapped to variables in the code. By default, variables are mapped by name. All columns in the input dataset must also be mapped to variables in the script.
   
   For example, assume your R script contains a formula like this one:
 
diff --git a/docs/machine-learning/install/custom-runtime-r.md b/docs/machine-learning/install/custom-runtime-r.md
@@ -3,7 +3,7 @@ title: Install R custom runtime
 description: Learn how to install an R custom runtime for SQL Server using Language Extensions. The Python custom runtime can run machine learning scripts.
 ms.prod: sql
 ms.technology: machine-learning-services
-ms.date: 03/16/2021
+ms.date: 04/07/2021
 ms.topic: how-to
 author: dphansen
 ms.author: davidph
@@ -56,7 +56,7 @@ Use your own version of the R runtime with SQL Server, instead of the default ru
 
 ## Enable external script
 
-You can execute a Python external script with the stored procedure [sp_execute_external script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md).
+You can execute an R external script with the stored procedure [sp_execute_external script](../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md).
 
 To enable external scripts, use [Azure Data Studio](../../azure-data-studio/what-is-azure-data-studio.md) to execute the statement below.
 
@@ -79,6 +79,10 @@ print(R.version);
 print("Hello RExtension!");'
 ```
 
+::: zone pivot="platform-windows"
+[!INCLUDE [R custom runtime - Windows - known issues](includes/custom-runtime-r-windows-known-issues.md)]
+::: zone-end
+
 ::: zone pivot="platform-linux-rhel"
 [!INCLUDE [R custom runtime - Linux - RHEL known issues](includes/custom-runtime-r-linux-known-issues-rhel.md)]
 ::: zone-end
diff --git a/docs/machine-learning/install/includes/custom-runtime-r-windows-known-issues.md b/docs/machine-learning/install/includes/custom-runtime-r-windows-known-issues.md
@@ -0,0 +1,18 @@
+---
+ms.prod: sql
+ms.technology: machine-learning-services
+ms.date: 04/07/2021
+ms.topic: include
+author: anmunde
+ms.author: anmunde
+ms.reviewer: dphansen
+---
+## Known issues
+
+If you're using the R runtime provided as part of [SQL Server Machine Learning Services](../../sql-server-machine-learning-services.md) by setting `R_HOME` to `C:\Program Files\Microsoft SQL Server\MSSQL15.<INSTANCE_NAME>\R_SERVICES` when you register the language extension, you might run into the following error upon executing any external custom R script with [sp_execute_external script](../../../relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql.md).
+
+*Error: cons memory exhausted (limit reached?)*
+
+To resolve this issue:
+ 1. Set the environment variable `R_NSIZE` indicating the number of fixed sized objects (`cons cells`) to a reasonable value, for example, `200000`.
+ 1. Restart the **Launchpad** service and retry the execution of the script.
diff --git a/docs/machine-learning/install/includes/custom-runtime-r-windows.md b/docs/machine-learning/install/includes/custom-runtime-r-windows.md
@@ -1,7 +1,7 @@
 ---
 ms.prod: sql
 ms.technology: machine-learning-services
-ms.date: 02/08/2021
+ms.date: 04/07/2021
 ms.topic: include
 author: dphansen
 ms.author: davidph
@@ -87,7 +87,7 @@ Follow these steps to install the **Rcpp** package.
 1. Run the following script to install the Rcpp package in the `\library` folder in your R installation path. For example, `C:\Program Files\R\R-4.0.3\library`.
 
     ```R
-    install.packages("Rcpp", lib="C:\Program Files\R\R-4.0.3\library");
+    install.packages("Rcpp", lib="C:\\Program Files\\R\\R-4.0.3\\library");
     ```
 
 ## Grant access to R folder
diff --git a/docs/reporting-services/reporting-services-features-supported-by-the-editions-of-sql-server-2016.md b/docs/reporting-services/reporting-services-features-supported-by-the-editions-of-sql-server-2016.md
@@ -68,7 +68,7 @@ For features supported by the Evaluation and Developer editions, see the SQL Ser
 > SQL Server Express with Tools and SQL Server Express don't support SQL Server Reporting Services.
   
 ## Edition requirements for the report server database
- When you create a report server database, not all editions of SQL Server [!INCLUDE[ssNoVersion](../includes/ssnoversion-md.md)] can be used to host the database. The following table shows you which editions of the [!INCLUDE[ssDE](../includes/ssde-md.md)] you can use for specific editions of SQL Server [!INCLUDE[ssRSnoversion](../includes/ssrsnoversion-md.md)].  
+ When you create a report server database, not all editions of [!INCLUDE[ssNoVersion](../includes/ssnoversion-md.md)] can be used to host the database. The following table shows you which editions of the [!INCLUDE[ssDE](../includes/ssde-md.md)] you can use for specific editions of SQL Server [!INCLUDE[ssRSnoversion](../includes/ssrsnoversion-md.md)].  
   
 |For this edition of [!INCLUDE[ssNoVersion](../includes/ssnoversion-md.md)] Reporting Services,|Use this edition of the Database Engine instance to host the database.|  
 |----------------------------------------------------------------------|---------------------------------------------------------------------------|  
diff --git a/docs/sql-server/install/configure-the-windows-firewall-to-allow-sql-server-access.md b/docs/sql-server/install/configure-the-windows-firewall-to-allow-sql-server-access.md
@@ -2,7 +2,7 @@
 title: "Configure Windows Firewall"
 description: Learn how to configure the Windows firewall to allow access to an instance of the SQL Server through the firewall.
 ms.custom: "contperf-fy21q3"
-ms.date: 03/26/2021
+ms.date: 04/07/2021
 ms.prod: sql
 ms.reviewer: ""
 ms.technology: install
@@ -92,6 +92,16 @@ Configure the Windows Firewall settings with either **Microsoft Management Conso
     -   [Netsh Command Syntax, Contexts, and Formatting](/windows-server/networking/technologies/netsh/netsh-contexts)    
     -   [How to use the "netsh advfirewall firewall" context instead of the "netsh firewall" context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista](https://support.microsoft.com/kb/947709)    
 
+-   **PowerShell**
+
+    See the following example to open TCP port 1433 and UDP port 1434 for SQL Server default instance, and SQL Server Browser Service:
+    
+    ```powershell
+    New-NetFirewallRule -DisplayName "SQLServer default instance" -Direction Inbound -LocalPort 1433 -Protocol TCP -Action Allow
+    New-NetFirewallRule -DisplayName "SQLServer Browser service" -Direction Inbound -LocalPort 1434 -Protocol UDP -Action Allow
+    ```
+    
+    For more examples, see [New-NetFirewallRule](/powershell/module/netsecurity/new-netfirewallrule).
     
 - **For Linux**: On Linux, you also need to open the ports associated with the services you need access to. Different distributions of Linux and different firewalls have their own procedures. For two examples, see [SQL Server on Red Hat](../../linux/quickstart-install-connect-red-hat.md), and [SQL Server on SUSE](../../linux/quickstart-install-connect-suse.md). 
   
