Merge pull request #33972 from MicrosoftDocs/main

4/30/2025 PM Publish

Author: Albertyang0

.github/workflows/allow-signoff-for-files.yml

@@ -24,6 +24,8 @@ jobs:
               # For testing set to a little used folder as the only target
               BlockedFilesAndFolders: '[
                     "docs/database-engine/availability-groups/windows/failover-and-failover-modes-always-on-availability-groups.md",
+                    "docs/relational-databases/backup-restore/sql-server-backup-to-url.md",
+                    "docs/t-sql/statements/backup-transact-sql.md",
                     "docs/sql-server/what-s-new-in-sql-server-2025.md",
                     "docs/database-engine/availability-groups/windows/distributed-availability-groups.md",
                     "docs/t-sql/statements/alter-availability-group-transact-sql.md",

docs/includes/sscautionuserschema-md.md

@@ -1,9 +1,8 @@
 ---
 author: rwestMSFT
 ms.author: randolphwest
-ms.date: 01/29/2024
+ms.date: 04/30/2025
 ms.service: sql
 ms.topic: include
 ---
-  Beginning with SQL Server 2005, the behavior of schemas changed. As a result, code that assumes that schemas are equivalent to database users may no longer return correct results. Old catalog views, including sysobjects, should not be used in a database in which any of the following DDL statements have ever been used: CREATE SCHEMA, ALTER SCHEMA, DROP SCHEMA, CREATE USER, ALTER USER, DROP USER, CREATE ROLE, ALTER ROLE, DROP ROLE, CREATE APPROLE, ALTER APPROLE, DROP APPROLE, ALTER AUTHORIZATION. In such databases you must instead use the new catalog views. The new catalog views take into account the separation of principals and schemas that was introduced in SQL Server 2005. For more information about catalog views, see [Catalog Views (Transact-SQL)](../relational-databases/system-catalog-views/catalog-views-transact-sql.md).
-   
+Schemas aren't equivalent to database users. Use [System catalog views](../relational-databases/system-catalog-views/catalog-views-transact-sql.md) to identify any differences between database users and schemas.

docs/t-sql/database-console-commands/dbcc-traceon-trace-flags-transact-sql.md

@@ -123,7 +123,7 @@ Trace flag behavior might not be supported in future releases of [!INCLUDE [ssNo
 | <a id="tf1260"></a>**1260** | Disable scheduler monitor dumps.<br /><br />**Scope:** Global only. |
 | <a id="tf1448"></a>**1448** | Enables the replication log reader to move forward even if the asynchronous secondaries haven't acknowledged the reception of a change. Even with this trace flag enabled the log reader always waits for the synchronous secondaries whose synchronization state is SYNCHRONIZED. The log reader doesn't go beyond the minimum acknowledged Log Sequence Number of the SYNCHRONIZED secondaries. This trace flag applies to the instance of [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)], not just an availability group, an availability database, or a log reader instance. This trace flag must be enabled on the publisher instance. It takes effect immediately without a restart. This trace flag can be activated ahead of time or when an asynchronous secondary replica fails.<br /><br />**Scope:** Global only. |
 | <a id="tf1462"></a>**1462** | Disables log stream compression for asynchronous availability groups. This feature is enabled by default on asynchronous availability groups in order to optimize network bandwidth. For more information, see [Tune compression for availability group](../../database-engine/availability-groups/windows/tune-compression-for-availability-group.md).<br /><br />**Scope:** Global only. |
-| <a id="tf1800"></a>**1800** | Enables [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] optimization when disks of different sector sizes are used for primary and secondary replica log files, in [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] Always On and Log Shipping environments. This trace flag is only required to be enabled on [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] instances with transaction log file residing on disk with sector size of 512 bytes. Trace Flag 1800 is not required to be enabled on disk with sector sizes larger than 4 KB. For more information, see [KB3009974](https://support.microsoft.com/kb/3009974), [KB2510009](https://support.microsoft.com/kb/2510009), and [KB926930](https://support.microsoft.com/kb/926930).<br /><br />**Applies to:** [!INCLUDE [ssSQL11](../../includes/sssql11-md.md)] Service Pack 1 CU 13, [!INCLUDE [ssSQL11](../../includes/sssql11-md.md)] Service Pack 2 CU 3, [!INCLUDE [ssSQL14](../../includes/sssql14-md.md)] RTM CU 5, and later versions.<br /><br />**Scope:** Global only. |
+| <a id="tf1800"></a>**1800** | Enables [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] optimization when disks of different sector sizes are used for primary and secondary replica log files, in [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] Always On and Log Shipping environments. This trace flag is only required to be enabled on [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] instances with transaction log file residing on disk with sector size of 512 bytes. Trace Flag 1800 is not required to be enabled on disk with sector sizes larger than 4 KB. For more information, see [KB3009974](https://support.microsoft.com/kb/3009974), [KB2510009](https://support.microsoft.com/kb/2510009), and [Troubleshoot errors related to system disk sector size greater than 4 KB](/troubleshoot/sql/database-engine/database-file-operations/troubleshoot-os-4kb-disk-sector-size).<br /><br />**Applies to:** [!INCLUDE [ssSQL11](../../includes/sssql11-md.md)] Service Pack 1 CU 13, [!INCLUDE [ssSQL11](../../includes/sssql11-md.md)] Service Pack 2 CU 3, [!INCLUDE [ssSQL14](../../includes/sssql14-md.md)] RTM CU 5, and later versions.<br /><br />**Scope:** Global only. |
 | <a id="tf1802"></a>**1802** | Disables ACL change and impersonated access verification during database attach or detach operations. This can be useful when attaching a database and encountering access permission errors, such as error 5120.<br /><br />**Scope:** Global only. |
 | <a id="tf1819"></a>**1819** | Allows [backup to URL](../../relational-databases/backup-restore/sql-server-backup-to-url.md) to use a proxy server when accessing Azure block blobs. In addition to this trace flag, you must set the WinHTTP proxy configuration on the server with the [netsh.exe](/windows/win32/winsock/netsh-exe) utility on [!INCLUDE [winvista-md](../../includes/winvista-md.md)], [!INCLUDE [winserver2008-md](../../includes/winserver2008-md.md)], and later versions.<br /><br />**Scope:** Global or session or query (QUERYTRACEON). |
 | <a id="tf2301"></a>**2301** | Enable advanced decision support optimizations that are specific to decision support queries. This option applies to decision support processing of large data sets.<br /><br />**Scope:** Global or session or query (QUERYTRACEON). |

docs/t-sql/statements/alter-application-role-transact-sql.md

@@ -21,7 +21,7 @@ dev_langs:
 
 # ALTER APPLICATION ROLE (Transact-SQL)
 
-[!INCLUDE [SQL Server Azure SQL Database Azure SQL Managed Instance](../../includes/applies-to-version/sql-asdb-asdbmi.md)]	
+[!INCLUDE [SQL Server Azure SQL Database Azure SQL Managed Instance](../../includes/applies-to-version/sql-asdb-asdbmi.md)]    
 
   Changes the name, password, or default schema of an application role.  
 
@@ -62,10 +62,10 @@ If the new application role name already exists in the database, the statement w
 >  Password expiration policy is not applied to application role passwords. For this reason, take extra care in selecting strong passwords. Applications that invoke application roles must store their passwords.  
   
  Application roles are visible in the sys.database_principals catalog view.  
-  
-> [!CAUTION]  
->  In [!INCLUDE[ssVersion2005](../../includes/ssversion2005-md.md)]the behavior of schemas changed from the behavior in earlier versions of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. Code that assumes that schemas are equivalent to database users may not return correct results. Old catalog views, including sysobjects, should not be used in a database in which any of the following DDL statements has ever been used: CREATE SCHEMA, ALTER SCHEMA, DROP SCHEMA, CREATE USER, ALTER USER, DROP USER, CREATE ROLE, ALTER ROLE, DROP ROLE, CREATE APPROLE, ALTER APPROLE, DROP APPROLE, ALTER AUTHORIZATION. In a database in which any of these statements has ever been used, you must use the new catalog views. The new catalog views take into account the separation of principals and schemas that is introduced in [!INCLUDE[ssVersion2005](../../includes/ssversion2005-md.md)]. For more information about catalog views, see [Catalog Views (Transact-SQL)](../../relational-databases/system-catalog-views/catalog-views-transact-sql.md).  
-  
+
+> [!NOTE]  
+> [!INCLUDE [sscautionuserschema-md](../../includes/sscautionuserschema-md.md)]
+
 ## Permissions  
  Requires ALTER ANY APPLICATION ROLE permission on the database. To change the default schema, the user also needs ALTER permission on the application role. An application role can alter its own default schema, but not its name or password.  
 

docs/t-sql/statements/alter-authorization-transact-sql.md

@@ -171,8 +171,8 @@ The SCHEMA OWNER option is only valid when you are transferring ownership of a s
 
 If the target entity is not a database and the entity is being transferred to a new owner, all permissions on the target will be dropped.
 
-> [!CAUTION]
-> In [!INCLUDE[ssVersion2005](../../includes/ssversion2005-md.md)], the behavior of schemas changed from the behavior in earlier versions of [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)]. Code that assumes that schemas are equivalent to database users may not return correct results. Old catalog views, including sysobjects, should not be used in a database in which any of the following DDL statements has ever been used: CREATE SCHEMA, ALTER SCHEMA, DROP SCHEMA, CREATE USER, ALTER USER, DROP USER, CREATE ROLE, ALTER ROLE, DROP ROLE, CREATE APPROLE, ALTER APPROLE, DROP APPROLE, ALTER AUTHORIZATION. In a database in which any of these statements has ever been used, you must use the new catalog views. The new catalog views take into account the separation of principals and schemas that was introduced in [!INCLUDE[ssVersion2005](../../includes/ssversion2005-md.md)]. For more information about catalog views, see [Catalog Views (Transact-SQL)](../../relational-databases/system-catalog-views/catalog-views-transact-sql.md).
+> [!NOTE]  
+> [!INCLUDE [sscautionuserschema-md](../../includes/sscautionuserschema-md.md)]
 
  Also, note the following:
 

docs/t-sql/statements/alter-schema-transact-sql.md

@@ -78,8 +78,8 @@ ALTER SCHEMA schema_name
 
  ALTER SCHEMA uses a schema level lock.
 
-> [!CAUTION]  
->  [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
+> [!NOTE]  
+> [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
   
 ## Permissions  
  To transfer a securable from another schema, the current user must have CONTROL permission on the securable (not schema) and ALTER permission on the target schema.  

docs/t-sql/statements/alter-user-transact-sql.md

@@ -169,7 +169,7 @@ NAME = new_user_name
 
 The name of a user mapped to a [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] login, a certificate, or an asymmetric key can't contain the backslash character (`\`).
 
-> [!CAUTION]
+> [!NOTE]  
 > [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]
 
 ## Security
@@ -422,7 +422,7 @@ Setting the default schema to `NULL` removes a default schema from a user create
 
 The name of a user mapped to a [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] login, a certificate, or an asymmetric key can't contain the backslash character (`\`).
 
-> [!CAUTION]
+> [!NOTE]  
 > [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]
 
 ### Fabric SQL database
@@ -677,7 +677,7 @@ ALTER USER user_name
 
 The name of a user mapped to a [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] login, a certificate, or an asymmetric key can't contain the backslash character (`\`).
 
-> [!CAUTION]
+> [!NOTE]  
 > [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]
 
 ### Remarks for Windows users in SQL on-premises migrated to Azure SQL Managed Instance
@@ -915,7 +915,7 @@ ALTER USER user_name
 
 The name of a user mapped to a [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] login, a certificate, or an asymmetric key can't contain the backslash character (`\`).
 
-> [!CAUTION]
+> [!NOTE]  
 > [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]
 
 ## Security
@@ -1054,7 +1054,7 @@ ALTER USER user_name
 
 The name of a user mapped to a [!INCLUDE[ssNoVersion](../../includes/ssnoversion-md.md)] login, a certificate, or an asymmetric key can't contain the backslash character (`\`).
 
-> [!CAUTION]
+> [!NOTE]  
 > [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]
 
 ## Security

docs/t-sql/statements/create-application-role-transact-sql.md

@@ -55,8 +55,8 @@ CREATE APPLICATION ROLE application_role_name
 
  For information about how to use application roles, see [Application Roles](../../relational-databases/security/authentication-access/application-roles.md).  
 
-> [!CAUTION]  
->  [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
+> [!NOTE]  
+> [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
   
 ## Permissions  
  Requires ALTER ANY APPLICATION ROLE permission on the database.  

docs/t-sql/statements/create-role-transact-sql.md

@@ -53,9 +53,9 @@ CREATE ROLE role_name [ AUTHORIZATION owner_name ]
  Database roles are visible in the sys.database_role_members and sys.database_principals catalog views.  
 
  For information about designing a permissions system, see [Getting Started with Database Engine Permissions](../../relational-databases/security/authentication-access/getting-started-with-database-engine-permissions.md).  
-  
-> [!CAUTION]  
->  [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
+
+> [!NOTE]  
+> [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
   
 ## Permissions  
  Requires **CREATE ROLE** permission on the database or membership in the **db_securityadmin** fixed database role. When you use the **AUTHORIZATION** option, the following permissions are also required:  

docs/t-sql/statements/create-schema-transact-sql.md

@@ -98,8 +98,8 @@ CREATE SCHEMA schema_name [ AUTHORIZATION owner_name ] [;]
 
  The new schema is owned by one of the following database-level principals: database user, database role, or application role. Objects created within a schema are owned by the owner of the schema, and have a NULL **principal_id** in **sys.objects**. Ownership of schema-contained objects can be transferred to any database-level principal, but the schema owner always retains CONTROL permission on objects within the schema.  
 
-> [!CAUTION]  
->  [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
+> [!NOTE]  
+> [!INCLUDE[ssCautionUserSchema](../../includes/sscautionuserschema-md.md)]  
   
  **Implicit Schema and User Creation**