Merge pull request #107084 from Samantha-Yu/adfupdate0310

PRMerger15 · web-flow · commit 25db17852444 · 2020-03-19T08:35:16.000-07:00
Updated MSI to Managed Identity
diff --git a/articles/data-factory/create-self-hosted-integration-runtime.md b/articles/data-factory/create-self-hosted-integration-runtime.md
@@ -10,7 +10,7 @@ author: nabhishek
 ms.author: abnarain
 manager: anandsub
 ms.custom: seo-lt-2019
-ms.date: 06/18/2019
+ms.date: 03/10/2020
 ---
 
 # Create and configure a self-hosted integration runtime
@@ -31,19 +31,19 @@ To create and set up a self-hosted integration runtime, use the following proced
 
 1. You can use Azure PowerShell for this task. Here is an example:
 
-	```powershell
-	Set-AzDataFactoryV2IntegrationRuntime -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntimeName -Type SelfHosted -Description "selfhosted IR description"
-	```
+    ```powershell
+    Set-AzDataFactoryV2IntegrationRuntime -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntimeName -Type SelfHosted -Description "selfhosted IR description"
+    ```
   
 2. [Download](https://www.microsoft.com/download/details.aspx?id=39717) and install the self-hosted integration runtime on a local machine.
 
 3. Retrieve the authentication key and register the self-hosted integration runtime with the key. Here is a PowerShell example:
 
-	```powershell
+    ```powershell
 
-	Get-AzDataFactoryV2IntegrationRuntimeKey -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntimeName  
+    Get-AzDataFactoryV2IntegrationRuntimeKey -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntimeName  
 
-	```
+    ```
 
 ### Create a self-hosted IR via Azure Data Factory UI
 
@@ -71,7 +71,7 @@ Use the following steps to create a self-hosted IR using Azure Data Factory UI.
 
     1. On the **Register Integration Runtime (Self-hosted)** page, paste the key you saved earlier, and select **Register**.
     
-	   ![Register the integration runtime](media/create-self-hosted-integration-runtime/register-integration-runtime.png)
+       ![Register the integration runtime](media/create-self-hosted-integration-runtime/register-integration-runtime.png)
 
     1. On the **New Integration Runtime (Self-hosted) Node** page, select **Finish**.
 
@@ -157,7 +157,7 @@ Here is a high-level summary of the data-flow steps for copying with a self-host
    
    Installation of the self-hosted integration runtime on a domain controller isn't supported.
 - .NET Framework 4.6.1 or later is required. If you're installing the self-hosted integration runtime on a Windows 7 machine, install .NET Framework 4.6.1 or later. See [.NET Framework System Requirements](/dotnet/framework/get-started/system-requirements) for details.
-- The recommended minimum configuration for the self-hosted integration runtime machine is a 2-GHz processor with four cores, 8 GB of RAM, and 80 GB of available hard drive space.
+- The recommended minimum configuration for the self-hosted integration runtime machine is a 2-GHz processor with 4 cores, 8 GB of RAM, and 80 GB of available hard drive space.
 - If the host machine hibernates, the self-hosted integration runtime doesn't respond to data requests. Configure an appropriate power plan on the computer before you install the self-hosted integration runtime. If the machine is configured to hibernate, the self-hosted integration runtime installer prompts with a message.
 - You must be an administrator on the machine to successfully install and configure the self-hosted integration runtime.
 - Copy-activity runs happen with a specific frequency. Processor and RAM usage on the machine follows the same pattern with peak and idle times. Resource usage also depends heavily on the amount of data that is moved. When multiple copy jobs are in progress, you see resource usage go up during peak times.
@@ -167,7 +167,7 @@ Here is a high-level summary of the data-flow steps for copying with a self-host
 
 ## Installation best practices
 
-You can install the self-hosted integration runtime by downloading an MSI setup package from [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=39717). See the article [Move data between on-premises and cloud](tutorial-hybrid-copy-powershell.md) for step-by-step instructions.
+You can install the self-hosted integration runtime by downloading a Managed Identity setup package from [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=39717). See the article [Move data between on-premises and cloud](tutorial-hybrid-copy-powershell.md) for step-by-step instructions.
 
 - Configure a power plan on the host machine for the self-hosted integration runtime so that the machine doesn't hibernate. If the host machine hibernates, the self-hosted integration runtime goes offline.
 - Regularly back up the credentials associated with the self-hosted integration runtime.
@@ -177,17 +177,17 @@ You can install the self-hosted integration runtime by downloading an MSI setup
 
 1. Go to the [Microsoft integration runtime download page](https://www.microsoft.com/download/details.aspx?id=39717).
 1. Select **Download**, select the 64-bit version, and select **Next**. The 32-bit version isn't supported.
-1. Run the MSI file directly, or save it to your hard drive and run it.
+1. Run the Managed Identity file directly, or save it to your hard drive and run it.
 1. On the **Welcome** window, select a language and select **Next**.
 1. Accept the Microsoft Software License Terms and select **Next**.
 1. Select **folder** to install the self-hosted integration runtime, and select **Next**.
 1. On the **Ready to install** page, select **Install**.
 1. Select **Finish** to complete installation.
 1. Get the authentication key by using PowerShell. Here's a PowerShell example for retrieving the authentication key:
 
-	```powershell
-	Get-AzDataFactoryV2IntegrationRuntimeKey -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntime
-	```
+    ```powershell
+    Get-AzDataFactoryV2IntegrationRuntimeKey -ResourceGroupName $resourceGroupName -DataFactoryName $dataFactoryName -Name $selfHostedIntegrationRuntime
+    ```
 
 1. On the **Register Integration Runtime (Self-hosted)** window of Microsoft Integration Runtime Configuration Manager running on your machine, take the following steps:
 
@@ -278,15 +278,15 @@ To share a self-hosted integration runtime with multiple data factories, see [Cr
 
 ### Known limitations of self-hosted IR sharing
 
-* The data factory in which a linked IR is created must have an [MSI](https://docs.microsoft.com/azure/active-directory/managed-service-identity/overview). By default, the data factories created in the Azure portal or PowerShell cmdlets have an implicitly created MSI. But when a data factory is created through an Azure Resource Manager template or SDK, you must set the **Identity** property explicitly. This setting ensures that Resource Manager creates a data factory that contains an MSI.
+* The data factory in which a linked IR is created must have an [Managed Identity](https://docs.microsoft.com/azure/active-directory/managed-service-identity/overview). By default, the data factories created in the Azure portal or PowerShell cmdlets have an implicitly created Managed Identity. But when a data factory is created through an Azure Resource Manager template or SDK, you must set the **Identity** property explicitly. This setting ensures that Resource Manager creates a data factory that contains a Managed Identity.
 
 * The Data Factory .NET SDK that supports this feature must be version 1.1.0 or later.
 
 * To grant permission, you need the Owner role or the inherited Owner role in the data factory where the shared IR exists.
 
 * The sharing feature works only for data factories within the same Azure AD tenant.
 
-* For Azure AD [guest users](https://docs.microsoft.com/azure/active-directory/governance/manage-guest-access-with-access-reviews), the search functionality in the UI, which lists all data factories by using a search keyword, [doesn't work](https://msdn.microsoft.com/library/azure/ad/graph/howto/azure-ad-graph-api-permission-scopes#SearchLimits). But as long as the guest user is the owner of the data factory, you can share the IR without the search functionality. For the MSI of the data factory that needs to share the IR, enter that MSI in the **Assign Permission** box and select **Add** in the Data Factory UI.
+* For Azure AD [guest users](https://docs.microsoft.com/azure/active-directory/governance/manage-guest-access-with-access-reviews), the search functionality in the UI, which lists all data factories by using a search keyword, [doesn't work](https://msdn.microsoft.com/library/azure/ad/graph/howto/azure-ad-graph-api-permission-scopes#SearchLimits). But as long as the guest user is the owner of the data factory, you can share the IR without the search functionality. For the Managed Identity of the data factory that needs to share the IR, enter that Managed Identity in the **Assign Permission** box and select **Add** in the Data Factory UI.
 
   > [!NOTE]
   > This feature is available only in Data Factory V2.
@@ -324,7 +324,7 @@ Ensure that you properly enable firewall rules on the corporate firewall, the Wi
 For example, to copy from an on-premises data store to a SQL Database sink or an Azure SQL Data Warehouse sink, take the following steps:
 
 1. Allow outbound TCP communication on port 1433 for both the Windows firewall and the corporate firewall.
-1. Configure the firewall settings of the SQL database to add the IP address of the self-hosted integration runtime machine to the list of allowed IP addresses.
+1. Configure the firewall settings of the SQL Database to add the IP address of the self-hosted integration runtime machine to the list of allowed IP addresses.
 
 > [!NOTE]
 > If your firewall doesn't allow outbound port 1433, the self-hosted integration runtime can't access the SQL database directly. In this case, you can use a [staged copy](copy-activity-performance.md) to SQL Database and SQL Data Warehouse. In this scenario, you require only HTTPS (port 443) for the data movement.
@@ -343,7 +343,7 @@ There are three configuration options:
 
 - **Do not use proxy**: The self-hosted integration runtime doesn't explicitly use any proxy to connect to cloud services.
 - **Use system proxy**: The self-hosted integration runtime uses the proxy setting that is configured in diahost.exe.config and diawp.exe.config. If these files specify no proxy configuration, the self-hosted integration runtime connects to the cloud service directly without going through a proxy.
-- **Use custom proxy**: Configure the HTTP proxy setting to use for the self-hosted integration runtime, instead of using configurations in diahost.exe.config and diawp.exe.config. **Address** and **Port** values are required. **User Name** and **Password** values are optional, depending on your proxy’s authentication setting. All settings are encrypted with Windows DPAPI on the self-hosted integration runtime and stored locally on the machine.
+- **Use custom proxy**: Configure the HTTP proxy setting to use for the self-hosted integration runtime, instead of using configurations in diahost.exe.config and diawp.exe.config. **Address** and **Port** values are required. **User Name** and **Password** values are optional, depending on your proxy's authentication setting. All settings are encrypted with Windows DPAPI on the self-hosted integration runtime and stored locally on the machine.
 
 The integration runtime host service restarts automatically after you save the updated proxy settings.
 
@@ -370,26 +370,26 @@ If you select the **Use system proxy** option for the HTTP proxy, the self-hoste
 1. In Notepad, open the text file C:\Program Files\Microsoft Integration Runtime\3.0\Shared\diahost.exe.config.
 1. Find the default **system.net** tag as shown in the following code:
 
-	```xml
-	<system.net>
-		<defaultProxy useDefaultCredentials="true" />
-	</system.net>
-	```
-	You can then add proxy server details as shown in the following example:
+    ```xml
+    <system.net>
+        <defaultProxy useDefaultCredentials="true" />
+    </system.net>
+    ```
+    You can then add proxy server details as shown in the following example:
 
-	```xml
-	<system.net>
+    ```xml
+    <system.net>
         <defaultProxy enabled="true">
               <proxy bypassonlocal="true" proxyaddress="http://proxy.domain.org:8888/" />
         </defaultProxy>
-	</system.net>
-	```
+    </system.net>
+    ```
 
-	The proxy tag allows additional properties to specify required settings like `scriptLocation`. See [\<proxy\> Element (Network Settings)](https://msdn.microsoft.com/library/sa91de1e.aspx) for syntax.
+    The proxy tag allows additional properties to specify required settings like `scriptLocation`. See [\<proxy\> Element (Network Settings)](https://msdn.microsoft.com/library/sa91de1e.aspx) for syntax.
 
-	```xml
-	<proxy autoDetect="true|false|unspecified" bypassonlocal="true|false|unspecified" proxyaddress="uriString" scriptLocation="uriString" usesystemdefault="true|false|unspecified "/>
-	```
+    ```xml
+    <proxy autoDetect="true|false|unspecified" bypassonlocal="true|false|unspecified" proxyaddress="uriString" scriptLocation="uriString" usesystemdefault="true|false|unspecified "/>
+    ```
 1. Save the configuration file in its original location. Then restart the self-hosted integration runtime host service, which picks up the changes.
 
    To restart the service, use the services applet from Control Panel. Or from Integration Runtime Configuration Manager, select the **Stop Service** button, and then select **Start Service**.
@@ -399,7 +399,7 @@ If you select the **Use system proxy** option for the HTTP proxy, the self-hoste
 > [!IMPORTANT]
 > Don't forget to update both diahost.exe.config and diawp.exe.config.
 
-You also need to make sure that Microsoft Azure is in your company’s allow list. You can download the list of valid Azure IP addresses from [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=41653).
+You also need to make sure that Microsoft Azure is in your company's allow list. You can download the list of valid Azure IP addresses from [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=41653).
 
 ### Possible symptoms for issues related to the firewall and proxy server
 
@@ -408,10 +408,10 @@ If you see error messages like the following ones, the likely reason is improper
 * When you try to register the self-hosted integration runtime, you receive the following error message: "Failed to register this Integration Runtime node! Confirm that the Authentication key is valid and the integration service host service is running on this machine."
 * When you open Integration Runtime Configuration Manager, you see a status of **Disconnected** or **Connecting**. When you view Windows event logs, under **Event Viewer** > **Application and Services Logs** > **Microsoft Integration Runtime**, you see error messages like this one:
 
-	```
-	Unable to connect to the remote server
-	A component of Integration Runtime has become unresponsive and restarts automatically. Component name: Integration Runtime (Self-hosted).
-	```
+    ```
+    Unable to connect to the remote server
+    A component of Integration Runtime has become unresponsive and restarts automatically. Component name: Integration Runtime (Self-hosted).
+    ```
 
 ### Enable remote access from an intranet
 
