Merge pull request #284508 from b-ahibbard/aug13

prmerger-automator[bot] · web-flow · commit 3dcff24523c0 · 2024-08-13T16:09:28.000Z
backup from snapshot &amp; avg deployment
diff --git a/articles/azure-netapp-files/application-volume-group-considerations.md b/articles/azure-netapp-files/application-volume-group-considerations.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: conceptual
-ms.date: 06/18/2024
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Requirements and considerations for application volume group for SAP HANA 
@@ -46,10 +46,16 @@ This article describes the requirements and considerations you need to be aware
 
 ## Best practices about proximity placement groups
 
-To deploy SAP HANA volumes using the application volume group, you need to ensure that your HANA database VMs and the Azure NetApp Files resources are in close proximity to ensure lowest possible latency. To achieve this setup, a proximity placement group (PPG) is used that is linked to the database VMs (called *anchored*). When passed to the application volume group, the PPG is used to find all Azure NetApp Files resources in close proximity to the database servers. 
+To deploy SAP HANA volumes using the application volume group, you need to ensure that your HANA database VMs and the Azure NetApp Files resources are in close proximity to ensure lowest possible latency. You can achieve close proximity using either of the following deployment methods: 
+  
+* **Availability zone volume placement (preferred)**
+        Select the availability zone for the volumes and select Standard network features for the deployment. Neither a proximity placement group nor VM pinning are required for this method. Before you can use this workflow, you must [register the feature](application-volume-group-deploy-first-host.md#register-for-extension-1).
+* **Proximity placement group with VM pinning**
+    The application volume group uses a proximity placement group linked (or anchored) to the database VMs. When passed to the application volume group, the PPG is used to find all Azure NetApp Files resources in close proximity to the database servers. Volumes are deployed using Basic network features.
+
 
 > [!IMPORTANT]
-> It is important to understand that a PPG is only anchored and can therefore identify the location of the VMs if at least one VM is started and kept running for the duration of all AVG deployments. If all VMs are stopped, the PPG will lose its anchor, and at the next restart, the VMs may move to a different location. This situation could lead to increased latency as Azure NetApp Files volumes are not moved after initial creation. 
+> A PPG is only anchored and can therefore identify the location of the VMs if at least one VM is started and kept running for the duration of all AVG deployments. If all VMs are stopped, the PPG loses its anchor, and at the next restart, the VMs may move to a different location. This situation could lead to increased latency as Azure NetApp Files volumes are not moved after initial creation. 
 
 To avoid this situation, you should create an availability set per database and use the **[SAP HANA VM pinning request form](https://aka.ms/HANAPINNING)** to pin the availability set to a dedicated compute cluster. After pinning, you need to add a PPG to the availability set, and then deploy all hosts of an SAP HANA database using that availability set. Doing so ensures that all virtual machines are at the same location. As long as one of the virtual machines is started, the PPG retains its anchor to deploy the AVG volumes. 
 
@@ -79,10 +85,10 @@ This situation leads to two possible scenarios:
     SAP HANA capable virtual machine series (that is, M-Series) are mostly placed close to Azure NetApp Files resources so that the application volume group can create the required volumes with lowest possible latency with the help of a PPG. This relationship between volumes and HANA hosts won't change if at least one virtual machine is up and running all the time.
 
 > [!NOTE]
-> When you use application volume group to deploy your HANA volumes, at least one VM in the availability set must be started. Without a running VM, the PPG cannot be used to find the optimal Azure NetApp files hardware, and provisioning will fail.
+> When you use application volume group to deploy your HANA volumes, at least one VM in the availability set must be started. Without a running VM, the PPG can't be used to find the optimal Azure NetApp files hardware, causing provisioning to fail.
 
 > [!NOTE]
-> Do not delete your PPG. Deleting a PPG will remove the pinning and can cause subsequent volume groups to be created in sub-optimal locations which could lead to increased latency.
+> Do not delete your PPG. Deleting a PPG removes the pinning and can cause subsequent volume groups to be created in sub-optimal locations which could lead to increased latency.
 
 ## Next steps
 
diff --git a/articles/azure-netapp-files/azure-netapp-files-create-volumes-smb.md b/articles/azure-netapp-files/azure-netapp-files-create-volumes-smb.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: how-to
-ms.date: 06/10/2024
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Create an SMB volume for Azure NetApp Files
diff --git a/articles/azure-netapp-files/azure-netapp-files-create-volumes.md b/articles/azure-netapp-files/azure-netapp-files-create-volumes.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: how-to
-ms.date: 06/10/2024
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Create an NFS volume for Azure NetApp Files
diff --git a/articles/azure-netapp-files/backup-manage-policies.md b/articles/azure-netapp-files/backup-manage-policies.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: how-to
-ms.date: 04/24/2024
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Manage backup policies for Azure NetApp Files 
@@ -36,6 +36,9 @@ To modify the backup policy settings:
     > [!NOTE] 
     > After backups are configured and have taken effect for the scheduled frequency, you can't change the backup retention count to `0`. The backup retention count requires a minimum number of `1` for the backup policy. See [Resource limits for Azure NetApp Files](azure-netapp-files-resource-limits.md) for details.  
 
+    >[!NOTE]
+    > Scheduled backups aren't supported on destination volumes in [cross-region](cross-region-replication-introduction.md) or [cross-zone](cross-zone-replication-introduction.md) replication relationships. Backups on destination volumes can only be taken from manual snapshots replicated from the source volume. For more information, see [Requirements and considerations for Azure NetApp Files backup](backup-requirements-considerations.md#requirements-and-considerations).
+
 ## Suspend a backup policy  
 
 A backup policy can be suspended so that it does not perform any new backup operations against the associated volumes. This action enables you to temporarily suspend backups if existing backups need to be maintained but not retired because of versioning.   
diff --git a/articles/azure-netapp-files/backup-requirements-considerations.md b/articles/azure-netapp-files/backup-requirements-considerations.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: conceptual
-ms.date: 08/15/2023
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Requirements and considerations for Azure NetApp Files backup 
@@ -36,13 +36,15 @@ Azure NetApp Files backup in a region can only protect an Azure NetApp Files vol
 
 * Policy-based (scheduled) Azure NetApp Files backup is independent from [snapshot policy configuration](azure-netapp-files-manage-snapshots.md).
 
-* In a [cross-region replication](cross-region-replication-introduction.md) (CRR) or [cross-zone replication](cross-zone-replication-introduction.md) (CZR) setting, Azure NetApp Files backup can be configured on a source volume only. Azure NetApp Files backup isn't supported on a CRR or CZR *destination* volume.
+* In a [cross-region replication](cross-region-replication-introduction.md) (CRR) or [cross-zone replication](cross-zone-replication-introduction.md) (CZR) setting, Azure NetApp Files backup can be configured on a source volume. 
+
+    Backups on a destination volume are only supported for manually created snapshots. To take backups of a destination volume, create a snapshot on the source volume then wait for the snapshot to be replicated to the destination volume. From the destination volume, you can select the snapshot for backup, where you can select this snapshot for backup. Scheduled backups on a destination volume aren't supported.
 
 * See [Restore a backup to a new volume](backup-restore-new-volume.md) for additional considerations related to restoring backups.
 
 * If you delete a volume, the backups remain. If you no longer need the backups, you should [manually delete the backups](backup-delete.md).
 
-* If you need to delete a parent resource group or subscription that contains backups, you should delete any backups first. Deleting the resource group or subscription won't delete the backups.
+* If you need to delete a parent resource group or subscription that contains backups, you should delete any backups first. Deleting the resource group or subscription doesn't delete the backups.
 
 ## Next steps
 
diff --git a/articles/azure-netapp-files/create-volumes-dual-protocol.md b/articles/azure-netapp-files/create-volumes-dual-protocol.md
@@ -5,7 +5,7 @@ services: azure-netapp-files
 author: b-hchen
 ms.service: azure-netapp-files
 ms.topic: how-to
-ms.date: 06/10/2024
+ms.date: 08/13/2024
 ms.author: anfdocs
 ---
 # Create a dual-protocol volume for Azure NetApp Files
@@ -46,8 +46,8 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 ## Considerations
 
 * Ensure that you meet the [Requirements for Active Directory connections](create-active-directory-connections.md#requirements-for-active-directory-connections). 
-* Create a reverse lookup zone on the DNS server and then add a pointer (PTR) record of the AD host machine in that reverse lookup zone. Otherwise, the dual-protocol volume creation will fail.
-* The **Allow local NFS users with LDAP** option in Active Directory connections intends to provide occasional and temporary access to local users. When this option is enabled, user authentication and lookup from the LDAP server stop working, and the number of group memberships that Azure NetApp Files will support will be limited to 16.  As such, you should keep this option *disabled* on Active Directory connections, except for the occasion when a local user needs to access LDAP-enabled volumes. In that case, you should disable this option as soon as local user access is no longer required for the volume. See [Allow local NFS users with LDAP to access a dual-protocol volume](#allow-local-nfs-users-with-ldap-to-access-a-dual-protocol-volume) about managing local user access.
+* Create a reverse lookup zone on the DNS server and then add a pointer (PTR) record of the AD host machine in that reverse lookup zone. Otherwise, the dual-protocol volume creation fails.
+* The **Allow local NFS users with LDAP** option in Active Directory connections intends to provide occasional and temporary access to local users. When this option is enabled, user authentication and lookup from the LDAP server stop working, and the number of group memberships that Azure NetApp Files supports is limited to 16.  As such, you should keep this option *disabled* on Active Directory connections, except for the occasion when a local user needs to access LDAP-enabled volumes. In that case, you should disable this option as soon as local user access is no longer required for the volume. See [Allow local NFS users with LDAP to access a dual-protocol volume](#allow-local-nfs-users-with-ldap-to-access-a-dual-protocol-volume) about managing local user access.
 * Ensure that the NFS client is up to date and running the latest updates for the operating system.
 * Dual-protocol volumes support both Active Directory Domain Services (AD DS) and Microsoft Entra Domain Services. 
 * Dual-protocol volumes do not support the use of LDAP over TLS with [Microsoft Entra Domain Services](../active-directory-domain-services/overview.md). LDAP over TLS is supported with Active Directory Domain Services (AD DS). See [LDAP over TLS considerations](configure-ldap-over-tls.md#considerations).
@@ -83,11 +83,11 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
 ## Create a dual-protocol volume
 
-1.	Click the **Volumes** blade from the Capacity Pools blade. Click **+ Add volume** to create a volume. 
+1.	Select the **Volumes** blade from the Capacity Pools blade. Select **+ Add volume** to create a volume. 
 
     ![Navigate to Volumes](./media/shared/azure-netapp-files-navigate-to-volumes.png) 
 
-2.	In the Create a Volume window, click **Create**, and provide information for the following fields under the Basics tab:   
+2.	In the Create a Volume window, select **Create**, and provide information for the following fields under the Basics tab:   
     * **Volume name**      
         Specify the name for the volume that you are creating.   
 
@@ -122,7 +122,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
         Specify the subnet that you want to use for the volume.  
         The subnet you specify must be delegated to Azure NetApp Files. 
         
-        If you have not delegated a subnet, you can click **Create new** on the Create a Volume page. Then in the Create Subnet page, specify the subnet information, and select **Microsoft.NetApp/volumes** to delegate the subnet for Azure NetApp Files. In each VNet, only one subnet can be delegated to Azure NetApp Files.   
+        If you haven't delegated a subnet, you can select **Create new** on the Create a Volume page. Then in the Create Subnet page, specify the subnet information, and select **Microsoft.NetApp/volumes** to delegate the subnet for Azure NetApp Files. In each VNet, only one subnet can be delegated to Azure NetApp Files.   
     
         ![Create subnet](./media/shared/azure-netapp-files-create-subnet.png)
 
@@ -135,7 +135,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
     * **Availability zone**   
         This option lets you deploy the new volume in the logical availability zone that you specify. Select an availability zone where Azure NetApp Files resources are present. For details, see [Manage availability zone volume placement](manage-availability-zone-volume-placement.md).
 
-    * If you want to apply an existing snapshot policy to the volume, click **Show advanced section** to expand it, specify whether you want to hide the snapshot path, and select a snapshot policy in the pull-down menu. 
+    * If you want to apply an existing snapshot policy to the volume, select **Show advanced section** to expand it, specify whether you want to hide the snapshot path, and select a snapshot policy in the pull-down menu. 
 
         For information about creating a snapshot policy, see [Manage snapshot policies](snapshots-manage-policy.md).
 
@@ -160,7 +160,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
     * If you want to enable SMB3 protocol encryption for the dual-protocol volume, select **Enable SMB3 Protocol Encryption**.   
 
-        This feature enables encryption for only in-flight SMB3 data. It does not encrypt NFSv3 in-flight data. SMB clients not using SMB3 encryption will not be able to access this volume. Data at rest is encrypted regardless of this setting. See [SMB encryption](azure-netapp-files-smb-performance.md#smb-encryption) for more information. 
+        This feature enables encryption for only in-flight SMB3 data. It does not encrypt NFSv3 in-flight data. SMB clients not using SMB3 encryption aren't able to access this volume. Data at rest is encrypted regardless of this setting. See [SMB encryption](azure-netapp-files-smb-performance.md#smb-encryption) for more information. 
 
     * If you selected NFSv4.1 and SMB for the dual-protocol volume versions, indicate whether you want to enable **Kerberos** encryption for the volume.
 
@@ -169,7 +169,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
     * <a name="access-based-enumeration"></a> If you want to enable access-based enumeration, select **Enable Access Based Enumeration**.
 
-        This feature will hide directories and files created under a share from users who do not have access permissions. Users will still be able to view the share. You can only enable access-based enumeration if the dual-protocol volume uses NTFS security style.
+        This feature hides directories and files created under a share from users who do not have access permissions. You can still view the share. You can only enable access-based enumeration if the dual-protocol volume uses NTFS security style.
 
     * <a name="non-browsable-share"></a> You can enable the **non-browsable-share feature.**
 
@@ -185,7 +185,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
 
     ![Specify dual-protocol](./media/create-volumes-dual-protocol/create-volume-protocol-dual.png)
 
-4. Click **Review + Create** to review the volume details. Then click **Create** to create the volume.
+4. Select **Review + Create** to review the volume details. Then select **Create** to create the volume.
 
     The volume you created appears in the Volumes page. 
  
@@ -199,7 +199,7 @@ The **Allow local NFS users with LDAP** option in Active Directory connections e
 > Before enabling this option, you should understand the [considerations](#considerations).   
 > The **Allow local NFS users with LDAP** option is part of the **LDAP with extended groups** feature and requires registration. See [Configure AD DS LDAP with extended groups for NFS volume access](configure-ldap-extended-groups.md) for details.
 
-1. Select **Active Directory connections**. On an existing Active Directory connection, click the context menu (the three dots `…`), and select **Edit**.  
+1. Select **Active Directory connections**. On an existing Active Directory connection, select the context menu (the three dots `…`) then **Edit**.  
 
 2. On the **Edit Active Directory settings** window that appears, select the **Allow local NFS users with LDAP** option.  
 
@@ -228,18 +228,18 @@ The values specified for `objectClass` are separate entries. For example, in Mul
 
 Microsoft Entra Domain Services doesn’t allow you to modify the objectClass POSIX attribute on users and groups created in the organizational AADDC Users OU. As a workaround, you can create a custom OU and create users and groups in the custom OU.
 
-If you are synchronizing the users and groups in your Microsoft Entra tenancy to users and groups in the AADDC Users OU, you cannot move users and groups into a custom OU. Users and groups created in the custom OU will not be synchronized to your AD tenancy. For more information, see the [Microsoft Entra Domain Services Custom OU considerations and limitations](../active-directory-domain-services/create-ou.md#custom-ou-considerations-and-limitations).
+If you are synchronizing the users and groups in your Microsoft Entra tenancy to users and groups in the AADDC Users OU, you can't move users and groups into a custom OU. Users and groups created in the custom OU aren't synchronized to your AD tenancy. For more information, see the [Microsoft Entra Domain Services Custom OU considerations and limitations](../active-directory-domain-services/create-ou.md#custom-ou-considerations-and-limitations).
 
 ### Access Active Directory Attribute Editor 
 
 On a Windows system, you can access the Active Directory Attribute Editor as follows:  
 
-1. Click **Start**, navigate to **Windows Administrative Tools**, and then click **Active Directory Users and Computers** to open the Active Directory Users and Computers window.  
-2.	Click the domain name that you want to view, and then expand the contents.  
+1. Select **Start**, navigate to **Windows Administrative Tools**. Then select **Active Directory Users and Computers** to open the Active Directory Users and Computers window.  
+2.	Select the domain name that you want to view, and then expand the contents.  
 3.	To display the advanced Attribute Editor, enable the **Advanced Features** option in the Active Directory Users Computers **View** menu.   
     ![Screenshot that shows how to access the Attribute Editor Advanced Features menu.](./media/create-volumes-dual-protocol/attribute-editor-advanced-features.png) 
-4. Double-click **Users** on the left pane to see the list of users.
-5. Double-click a particular user to see its **Attribute Editor** tab.
+4. Select **Users** on the left pane to see the list of users.
+5. Select a particular user to see its **Attribute Editor** tab.
  
 ## Configure the NFS client 
 
diff --git a/articles/azure-netapp-files/includes/50-gib-volume.md b/articles/azure-netapp-files/includes/50-gib-volume.md
diff --git a/articles/azure-netapp-files/whats-new.md b/articles/azure-netapp-files/whats-new.md
