Merge pull request #3548 from MicrosoftDocs/main638768997082456989sync_temp

For protected branch, push strategy should use PR and merge to target branch method to work around git push error

Author: learn-build-service-prod[bot]

adaptive-cloud/index.yml

@@ -328,8 +328,6 @@ additionalContent:
       # Cards
       - title: Azure Stack 
         links:
-          - url: /azure-stack/asdk
-            text: Azure Stack development kit
           - url: /azure-stack/hci/guided-quick-deploy-eval
             text: Azure Stack HCI evaluation guide
           - url: https://www.youtube.com/watch?v=to8D7Xl9SU8

azure-local/concepts/security-features.md

@@ -5,7 +5,7 @@ author: alkohli
 ms.author: alkohli
 ms.topic: conceptual
 ms.service: azure-local
-ms.date: 03/04/2025
+ms.date: 03/06/2025
 ---
 
 # Security features for Azure Local
@@ -160,7 +160,10 @@ Azure Local comes with Microsoft Defender Antivirus enabled and configured by de
 
 Although we recommend using Microsoft Defender Antivirus for Azure Local, if you prefer non-Microsoft antivirus and security software, **we advise selecting one that your Independent Software Vendor (ISV) has validated for Azure Local** to minimize potential functionality issues.
 
-For more information, see [Microsoft Defender Antivirus compatibility with other security products](/defender-endpoint/microsoft-defender-antivirus-compatibility).
+For more information, see:
+
+- [Microsoft Defender Antivirus compatibility with other security products](/defender-endpoint/microsoft-defender-antivirus-compatibility).
+- [Microsoft Defender Antivirus and non-Microsoft antivirus solutions without Defender for Endpoint](/defender-endpoint/defender-antivirus-compatibility-without-mde).
 
 In the rare instance that you experience any functionality issues with Azure Local using non-Microsoft antivirus software, you can exclude the following paths:
 
@@ -186,7 +189,6 @@ With the basic Defender for Cloud plan, you get recommendations on how to improv
 For more information, see:
 
 - [Manage system security with Microsoft Defender for Cloud (preview)](../manage/manage-security-with-defender-for-cloud.md).
-- [Microsoft Defender Antivirus and non-Microsoft antivirus solutions without Defender for Endpoint](/defender-endpoint/defender-antivirus-compatibility-without-mde).
 
 ## Next steps
 

azure-local/known-issues.md

@@ -3,7 +3,7 @@ title: Release notes with fixed and known issues in Azure Local
 description: Read about the known issues and fixed issues in Azure Local.
 author: alkohli
 ms.topic: conceptual
-ms.date: 01/28/2025
+ms.date: 03/06/2025
 ms.author: alkohli
 ms.reviewer: alkohli
 ---
@@ -306,6 +306,7 @@ The following table lists the known issues in this release:
 
 |Feature  |Issue  |Workaround  |
 |---------|---------|---------|
+| Azure Migrate | Migration of Gen 1 (non-sysprep) VMs using Azure Migrate fails with the error: *Failed to clean up seed ISO disk from the file system for VM*. |Contact Microsoft Support to apply a patch that resolves the VM failures associated with this issue.  |
 | Security vulnerability <!--ADO--> |Microsoft has identified a security vulnerability that could expose the local admin credentials used during the creation of Arc VMs on Azure Local to non-admin users on the VM and on the hosts. <br> Arc VMs running on releases prior to Azure Local 2411 release are vulnerable.  |To identify the Arc VMs that require this change and to change the account passwords, see detailed instructions in: [Security vulnerability for Arc VMs on Azure Local](https://aka.ms/CVE-2024-49060).|
 | Deployment <!--30273426--><br>Upgrade |If the timezone is not set to UTC before you deploy Azure Local, an *ArcOperationTimeOut* error occurs during validation. The following error message is displayed: *OperationTimeOut, No updates received from device for operation.*   |Depending on your scenario, choose one of the following workarounds for this issue: <br><br> **Scenario 1.** Before you start the deployment, make sure that the timezone is set to UTC. <br><br>Connect to each of the Azure Local nodes and change the timezone to UTC. <br><br> Run the following command: `Set-TimeZone -Id "UTC"`. <br><br> **Scenario 2.** If you started the deployment without setting the UTC timezone and received the error mentioned in the validation phase, follow these steps:<br><br> 1. Connect to each Azure Local node. Change the time zone to UTC with `Set-TimeZone -Id "UTC"`. Reboot the nodes.<br><br> 2. After the nodes have restarted, go to the Azure Local resource in Azure portal. Start the validation again to resolve the issue and continue with the deployment or upgrade.<br><br> For detailed remediation steps, see the troubleshooting guide in the [Azure Local Supportability](https://github.com/Azure/AzureLocal-Supportability/blob/main/TSG/Deployment/Triggering-deployment-settings-validation-call-results-in-OperationTimeout-2411-0.md) GitHub repository.|
 | Update <!--30345067--> | When updating from version 2408.2.7 to 2411.0.24, the update process could fail with the following error message: `Type 'CauPreRequisites' of Role 'CAU' raised an exception: Could not finish cau prerequisites due to error 'Cannot remove item C:\UpdateDistribution\<any_file_name>: Access to the path is denied.'` |For detailed steps on how to mitigate this issue, see [Azure Local Troubleshooting Guide for Update](https://github.com/Azure/AzureLocal-Supportability/blob/main/TSG/Update/mitigation-for-cannot-remove-c-update-distribution-with-access-denied.md).|

azure-local/update/about-updates-23h2.md

@@ -82,7 +82,9 @@ Solution updates managed by this feature contain new versions of the Azure Stack
 This solution is the recommended way to update your Azure Local.
 
 > [!NOTE]
-> Customer workloads aren't covered by this update solution.
+
+> - Azure Local update includes updates for all components, including Azure CLI, PowerShell, and any extensions. Microsoft does not support out of band updates for individual components. The out of band updates could lead to incompatibility with Application Control for Windows.
+> - Customer workloads aren't covered by this update solution.
 
 ## User interfaces for updates
 

azure-stack/breadcrumb/toc.yml

@@ -6,9 +6,6 @@
     tocHref: /azure-stack/
     topicHref: /azure-stack/index
     items:
-    - name: Hub ASDK
-      tocHref: /azure-stack/asdk/
-      topicHref: /azure-stack/asdk/index
     - name: Hub Operator
       tocHref: /azure-stack/operator/
       topicHref: /azure-stack/operator/index

azure-stack/docfx.json

@@ -1,25 +1,6 @@
 {
   "build": {
     "content": [
-      {
-        "group": "version-ash",
-        "src" : "asdk",
-        "dest" : "asdk",
-        "files": [
-          "**/*.md",
-          "**/*.yml"
-        ],
-        "exclude": [
-          "**/obj/**",
-          "**/includes/**",
-          "_themes/**",
-          "_themes.pdf/**",
-          "README.md",
-          "LICENSE",
-          "LICENSE-CODE",
-          "ThirdPartyNotices"
-        ]
-      },
       {
         "group": "version-ash",
         "src" : "operator",
@@ -85,7 +66,6 @@
           "**/*.yml"
         ],
         "exclude": [
-          "asdk/**",
           "operator/**",
           "partner/**",
           "user/**",
@@ -101,22 +81,6 @@
       }
     ],
     "resource": [
-      {
-        "files": [
-          "**/*.png",
-          "**/*.jpg",
-          "**/*.svg",
-          "**/*.gif"
-        ],
-        "src": "asdk",
-        "dest": "asdk",
-        "group": "version-ash",
-        "exclude": [
-          "**/obj/**",
-          "_themes/**",
-          "_themes.pdf/**"
-        ]
-      },
       {
         "files": [
           "**/*.png",
@@ -176,7 +140,6 @@
           "**/*.json"
         ],
         "exclude": [
-          "asdk/**",
           "operator/**",
           "partner/**",
           "user/**",
@@ -207,28 +170,23 @@
     },
     "fileMetadata": {
       "ms.service": {
-        "asdk/**/*.md": "azure-stack-hub",
         "mdc/**/*.md": "azure-stack-hub",
         "operator/**/*.md": "azure-stack-hub",
         "partner/**/*.md": "azure-stack-hub",
         "reference/**/*.md": "azure-stack-hub",
         "user/**/*.md": "azure-stack-hub"
       },
       "titleSuffix": {
-        "**/*.md": "Azure Stack Hub",
-        "asdk/**/*.md": "Azure Stack Development Kit (ASDK)",
-        "hybrid/**/*.md": "Azure Stack"
+        "**/*.md": "Azure Stack Hub"
       },
       "feedback_help_link_url": {
         "operator/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub",
         "user/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub",
         "mdc/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub",
-        "asdk/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub",
         "partner/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub",
         "reference/**/*.md": "https://learn.microsoft.com/answers/tags/205/azure-stack-hub"
       },
       "ms.subservice": {
-        "asdk/**/*.md": "azure-stack-hub-asdk",
         "mdc/**/*.md": "azure-stack-hub-mdc"
       }
     },

azure-stack/mdc/azure-stack-vm-considerations.md

@@ -6,7 +6,7 @@ author: sethmanheim
 manager: lizross
 ms.service: azure-stack-hub
 ms.topic: article
-ms.date: 2/1/2021
+ms.date: 03/06/2025
 ms.author: sethm
 ms.reviewer: kivenkat
 ms.lastreviewed: 12/20/2019
@@ -25,7 +25,7 @@ Azure Stack virtual machines (VMs) provide on-demand, scalable computing resourc
 | Virtual machine sizes | Azure supports a wide variety of sizes for VMs. To learn about the available sizes and options, refer to the [Windows VMs sizes](/azure/virtual-machines/sizes) and [Linux VM sizes](/azure/virtual-machines/linux/sizes) topics. | Azure Stack supports a subset of VM sizes that are available in Azure. To view the list of supported sizes, refer to the [VM sizes](#vm-sizes) section of this article. |
 | Virtual machine quotas | [Quota limits](/azure/azure-subscription-service-limits#service-specific-limits) are set by Microsoft. | The Azure Stack cloud admin must assign quotas before they offer VM to their users. |
 | Virtual machine extensions |Azure supports a wide variety of VM extensions. To learn about the available extensions, refer to the [VM extensions and features](/azure/virtual-machines/windows/extensions-features) article.| Azure Stack supports a subset of extensions that are available in Azure and each of the extensions have specific versions. The Azure Stack cloud admin can choose which extensions to be made available to for their users. To view the list of supported extensions, refer to the [VM extensions](#vm-extensions) section of this article. |
-| Virtual machine network | Public IP addresses assigned to a tenant VM are accessible over the Internet.<br><br><br>Azure VMs have a fixed DNS name. | Public IP addresses assigned to a tenant VM are accessible within the Azure Stack Development Kit environment only. A user must have access to the Azure Stack Development Kit via [RDP](../asdk/asdk-connect.md#connect-to-azure-stack-using-rdp) or [VPN](../asdk/asdk-connect.md#connect-to-azure-stack-using-vpn) to connect to a VM that is created in Azure Stack.<br><br>VMs created within a specific Azure Stack instance have a DNS name based on the value that is configured by the cloud admin. |
+| Virtual machine network | Public IP addresses assigned to a tenant VM are accessible over the Internet.<br><br><br>Azure VMs have a fixed DNS name. | Public IP addresses assigned to a tenant VM are accessible within the Azure Stack Development Kit environment only. A user must have access to VPN to connect to a VM that is created in Azure Stack.<br><br>VMs created within a specific Azure Stack instance have a DNS name based on the value that is configured by the cloud admin. |
 | Virtual machine storage | Supports [managed disks.](/azure/virtual-machines/windows/managed-disks-overview) | Managed disks are supported in Azure Stack with version 1808 and later. |
 | Virtual machine disk performance | Depends on disk type and size. | Depends on VM size of the VM, which the disks are attached to. For more info, refer to the [VM sizes supported in Azure Stack](azure-stack-vm-sizes.md) article.
 | API versions | Azure always has the latest API versions for all the VM features. | Azure Stack supports specific Azure services and specific API versions for these services. To view the list of supported API versions, refer to the [API versions](#api-versions) section of this article. |

azure-stack/operator/azure-stack-app-service-before-you-get-started.md

@@ -2,11 +2,10 @@
 title: Prerequisites to deploy Azure App Service on Azure Stack Hub 
 description: Learn the prerequisite steps to complete before you deploy Azure App Service on Azure Stack Hub.
 author: sethmanheim
-
 ms.topic: article
 ms.custom:
   - devx-track-arm-template
-ms.date: 10/24/2022
+ms.date: 03/06/2025
 ms.author: sethm
 ms.reviewer: anwestg
 ms.lastreviewed: 10/28/2019
@@ -24,7 +23,7 @@ Before you deploy Azure App Service on Azure Stack Hub, you must complete the pr
 
 ## Before you get started 
 
-This section lists the prerequisites for both integrated system and Azure Stack Development Kit (ASDK) deployments.
+This section lists the prerequisites for Azure Stack Hub integrated systems deployments.
 
 ### Resource provider prerequisites
 
@@ -260,66 +259,6 @@ RECONFIGURE;
 GO
 ```
 
-<!-- ASDK Only --->
-## Certificates and server configuration (ASDK)
-
-This section lists the prerequisites for ASDK deployments. 
-
-### Certificates required for ASDK deployment of Azure App Service
-
-The *Create-AppServiceCerts.ps1* script works with the Azure Stack Hub certificate authority to create the four certificates that App Service needs.
-
-| File name | Use |
-| --- | --- |
-| _.appservice.local.azurestack.external.pfx | App Service default SSL certificate |
-| api.appservice.local.azurestack.external.pfx | App Service API SSL certificate |
-| ftp.appservice.local.azurestack.external.pfx | App Service publisher SSL certificate |
-| sso.appservice.local.azurestack.external.pfx | App Service identity application certificate |
-
-To create the certificates, follow these steps:
-
-1. Sign in to the ASDK host using the AzureStack\AzureStackAdmin account.
-2. Open an elevated PowerShell session.
-3. Run the *Create-AppServiceCerts.ps1* script from the folder where you extracted the helper scripts. This script creates four certificates in the same folder as the script that App Service needs for creating certificates.
-4. Enter a password to secure the .pfx files, and make a note of it. You must enter it later, in the App Service on Azure Stack Hub installer.
-
-#### Create-AppServiceCerts.ps1 script parameters
-
-| Parameter | Required or optional | Default value | Description |
-| --- | --- | --- | --- |
-| pfxPassword | Required | Null | Password that helps protect the certificate private key |
-| DomainName | Required | local.azurestack.external | Azure Stack Hub region and domain suffix |
-
-### Quickstart template for file server for deployments of Azure App Service on ASDK.
-
-For ASDK deployments only, you can use the [example Azure Resource Manager deployment template](https://aka.ms/appsvconmasdkfstemplate) to deploy a configured single-node file server. The single-node file server will be in a workgroup.  
-
-> [!NOTE]
-> The ASDK instance must be able to download resources from GitHub in order to complete the deployment.
-
-### SQL Server instance
-
-For the Azure App Service on Azure Stack Hub hosting and metering databases, you must prepare a SQL Server instance to hold the App Service databases.
-
-For ASDK deployments, you can use SQL Server Express 2014 SP2 or later. SQL Server must be configured to support **Mixed Mode** authentication because App Service on Azure Stack Hub **DOES NOT** support Windows Authentication.
-
-The SQL Server instance for Azure App Service on Azure Stack Hub must be accessible from all App Service roles. You can deploy SQL Server within the Default Provider Subscription in Azure Stack Hub. Or you can make use of the existing infrastructure within your organization (as long as there's connectivity to Azure Stack Hub). If you're using an Azure Marketplace image, remember to configure the firewall accordingly.
-
-> [!NOTE]
-> A number of SQL IaaS VM images are available through the Marketplace Management feature. Make sure you always download the latest version of the SQL IaaS Extension before you deploy a VM using a Marketplace item. The SQL images are the same as the SQL VMs that are available in Azure. For SQL VMs created from these images, the IaaS extension and corresponding portal enhancements provide features such as automatic patching and backup capabilities.
->
-> For any of the SQL Server roles, you can use a default instance or a named instance. If you use a named instance, be sure to manually start the SQL Server Browser service and open port 1434.
-
-The App Service installer will check to ensure the SQL Server has database containment enabled. To enable database containment on the SQL Server that will host the App Service databases, run these SQL commands:
-
-```sql
-sp_configure 'contained database authentication', 1;
-GO
-RECONFIGURE;
-GO
-
-```
-
 ## Licensing concerns for required file server and SQL Server
 
 Azure App Service on Azure Stack Hub requires a file server and SQL Server to operate. You're free to use pre-existing resources located outside of your Azure Stack Hub deployment or deploy resources within their Azure Stack Hub Default Provider Subscription.
@@ -335,7 +274,7 @@ Cloud operators are responsible for the maintenance and operation of the File Se
 
 ## Retrieve the Azure Resource Manager root certificate for Azure Stack Hub
 
-Open an elevated PowerShell session on a computer that can reach the privileged endpoint on the Azure Stack Hub Integrated System or ASDK Host.
+Open an elevated PowerShell session on a computer that can reach the privileged endpoint on the Azure Stack Hub integrated system.
 
 Run the *Get-AzureStackRootCert.ps1* script from the folder where you extracted the helper scripts. The script creates a root certificate in the same folder as the script that App Service needs for creating certificates.
 

azure-stack/operator/azure-stack-app-service-capacity-planning.md

@@ -2,9 +2,8 @@
 title: Plan App Service server roles capacity - Azure Stack Hub 
 description: Learn about capacity planning for App Service server roles in Azure Stack Hub.
 author: sethmanheim
-
 ms.topic: article
-ms.date: 05/05/2020
+ms.date: 03/06/2025
 ms.author: sethm
 ms.reviewer: anwestg
 ms.lastreviewed: 04/13/2020
@@ -99,7 +98,7 @@ Cloud admins can monitor their worker tier allocation in the App Service admin a
 
 ## File server role
 
-For the file server role, you can use a standalone file server for development and testing. For example, when deploying Azure App Service on the Azure Stack Development Kit (ASDK) you can use this [template](https://aka.ms/appsvconmasdkfstemplate).  For production purposes, you should use a pre-configured Windows file server, or a pre-configured non-Windows file server.
+For the file server role, you can use a standalone file server for development and testing. For production purposes, you should use a pre-configured Windows file server, or a pre-configured non-Windows file server.
 
 In production environments, the file server role experiences intensive disk I/O. Because it houses all of the content and app files for user web sites, you should preconfigure one of the following resources for this role:
 
@@ -115,5 +114,4 @@ For more information, see [Provision a file server](azure-stack-app-service-befo
 
 [Prerequisites for deploying App Service on Azure Stack Hub](azure-stack-app-service-before-you-get-started.md)
 
-<!--Image references-->
-[1]: ./media/azure-stack-app-service-capacity-planning/worker-tier-allocation.png
+[1]: ./media/azure-stack-app-service-capacity-planning/worker-tier-allocation.png