Merge pull request #33934 from MicrosoftDocs/main

Albertyang0 · web-flow · commit e2bb677734b2 · 2025-04-25T10:30:32.000-07:00
4/25/2025 AM Publish
diff --git a/docs/relational-databases/security/encryption/always-encrypted-wizard-ssms-21.md b/docs/relational-databases/security/encryption/always-encrypted-wizard-ssms-21.md
@@ -130,6 +130,22 @@ Use the online approach:
 
 - To minimize the downtime/unavailability of the database to your applications.
 
+## Post migration
+
+Clear the plan cache for all batches and stored procedures that access the table to refresh parameters encryption information. 
+
+   ```sql
+   ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE;
+   ```
+
+   > [!NOTE]
+   > If you don't remove the plan for the impacted query from the cache, the first execution of the query after encryption might fail.
+   >
+   > Use `ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE` or `DBCC FREEPROCCACHE` to clear the plan cache carefully, as it can result in temporary query performance degradation. To minimize the negative impact of clearing the cache, you can selectively remove the plans for only the impacted queries.
+
+Call [sp_refresh_parameter_encryption](../../system-stored-procedures/sp-refresh-parameter-encryption-transact-sql.md) to update the metadata for the parameters of each module (stored procedure, function, view, trigger) that are persisted in [sys.parameters](../..//system-catalog-views/sys-parameters-transact-sql.md) and may have been invalidated by encrypting the columns.
+
+
 ## Related content
 
 - [Always Encrypted](../../../relational-databases/security/encryption/always-encrypted-database-engine.md)
diff --git a/docs/relational-databases/security/encryption/always-encrypted-wizard.md b/docs/relational-databases/security/encryption/always-encrypted-wizard.md
@@ -1,8 +1,8 @@
 ---
 title: "Configure column encryption using Always Encrypted Wizard"
 description: Learn how to set the Always Encrypted configuration for database columns by using the Always Encrypted Wizard in SQL Server.
-author: jaszymas
-ms.author: jaszymas
+author: Pietervanhove
+ms.author: pivanho
 ms.reviewer: vanto
 ms.date: "10/30/2019"
 ms.service: sql
@@ -91,7 +91,24 @@ If you have configured a secure enclave in your database and you're using enclav
 
 For more information about enclave attestation, see [Configure attestation for Always Encrypted using Azure Attestation](/azure/azure-sql/database/always-encrypted-enclaves-configure-attestation) 
 
-## Next steps
+## Post encryption
+
+Clear the plan cache for all batches and stored procedures that access the table to refresh parameters encryption information. 
+
+   ```sql
+   ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE;
+   ```
+
+   > [!NOTE]
+   > If you do not remove the plan for the impacted query from the cache, the first execution of the query after encryption might fail.
+   >
+   > Use `ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE` or `DBCC FREEPROCCACHE` to clear the plan cache carefully, as it can result in temporary query performance degradation. To minimize the negative impact of clearing the cache, you can selectively remove the plans for only the impacted queries.
+
+Call [sp_refresh_parameter_encryption](../../system-stored-procedures/sp-refresh-parameter-encryption-transact-sql.md) to update the metadata for the parameters of each module (stored procedure, function, view, trigger) that are persisted in [sys.parameters](../..//system-catalog-views/sys-parameters-transact-sql.md) and might have been invalidated by encrypting the columns.
+
+
+## Related content
+
 - [Query columns using Always Encrypted with SQL Server Management Studio](always-encrypted-query-columns-ssms.md)
 - [Run Transact-SQL statements using secure enclaves](always-encrypted-enclaves-query-columns.md)
 - [Develop applications using Always Encrypted](always-encrypted-client-development.md)
diff --git a/docs/relational-databases/security/encryption/configure-column-encryption-using-powershell.md b/docs/relational-databases/security/encryption/configure-column-encryption-using-powershell.md
@@ -161,7 +161,22 @@ for($i=0; $i -lt $tables.Count; $i++){
 # Decrypt all columns.
 Set-SqlColumnEncryption -ColumnEncryptionSettings $ces -InputObject $database -LogFileDirectory . -KeyVaultAccessToken $keyVaultAccessToken
 ```
- 
+
+## Post encryption
+
+Clear the plan cache for all batches and stored procedures that access the table to refresh parameters encryption information. 
+
+   ```sql
+   ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE;
+   ```
+
+   > [!NOTE]
+   > If you don't remove the plan for the impacted query from the cache, the first execution of the query after encryption might fail.
+   >
+   > Use `ALTER DATABASE SCOPED CONFIGURATION CLEAR PROCEDURE_CACHE` or `DBCC FREEPROCCACHE` to clear the plan cache carefully, as it can result in temporary query performance degradation. To minimize the negative impact of clearing the cache, you can selectively remove the plans for only the impacted queries.
+
+Call [sp_refresh_parameter_encryption](../../system-stored-procedures/sp-refresh-parameter-encryption-transact-sql.md) to update the metadata for the parameters of each module (stored procedure, function, view, trigger) that are persisted in [sys.parameters](../..//system-catalog-views/sys-parameters-transact-sql.md) and might have been invalidated by encrypting the columns.
+
 ## Next Steps
 - [Develop applications using Always Encrypted](always-encrypted-client-development.md)
 
diff --git a/docs/sql-server/azure-arc/manage-license-billing.md b/docs/sql-server/azure-arc/manage-license-billing.md
@@ -218,13 +218,16 @@ For information, see:
 - All replicas present in the operating system environment (OSE) must be a secondary replica of an Always On availability group or the forwarder of a distributed availability group.
 - No standalone database outside of an AG irrespective of [database state](../../relational-databases/databases/database-states.md#database-state-definitions).
 - No active connections to any database except master, msdb, tempdb, or model databases.
+- No instances of [associated services](#manage-ssxs) in the same OSE.
 
 If there are multiple SQL Server instances on the OSE, all instances and replicas must meet the conditions above.
 
 ### To qualify as passive node of failover clustered Instance (FCI)
 
 - The node must be passive of all FCIs present.
 - There is no standalone instance present in the node that does not qualify for AG passive replica.
+- No instances of [associated services](#manage-ssxs) in the same OSE.
+
 
 ### Limitations
 
