This document discusses the new security model introduced in SQL Server 2005. It covers principals and securables, the new schema model, security for CLR, database mirroring, and tips for configuring security. Specific features covered include new permission types like CONTROL and IMPERSONATE, using schemas to centralize permissions, defining service accounts, and minimizing exposed surface area through configuration. The document provides guidance on implementing a balanced security approach in SQL Server 2005.
SQL Server Insider
Tips for SQL Server pros, May 2007

New security model in SQL Server 2005

Organizations traditionally spend little money to secure the database server level. Instead, security is added to the to-do list of DBAs and developers. Get familiar with the security features in SQL Server 2005, and allow them to make your job easier.

Inside:
• Principals and securables
• New schema model
• Security for CLR
• Article 1: Database mirroring and its witness
• Article 2: Find and fix resource-intensive SQL Server queries

Brought to you by SearchSQLServer.com
2. SearchSQLServer.com New security model in SQL Server 2005
New Security Model in SQL Server 2005
By Michelle Gutzait

Michelle Gutzait works as a senior database consultant for Itergy International Inc., an IT consulting firm specializing in the design, implementation, security and support of Microsoft products in the enterprise. Gutzait has been involved in IT for 20 years as a developer, business analyst and database consultant. For the last 10 years, she has worked exclusively with SQL Server. Her skills include SQL Server infrastructure design, database design, performance tuning, security, high availability, VLDBs, replication and T-SQL/packages coding.

Organizations don’t tend to invest in securing SQL Server instances and databases. Instead, there is a tendency to leave security considerations to database administrators and developers. The problem is that if there are no defined security standards, it may leave data vulnerable. Security standards are important for any organization. The problem is that it is not enough just to develop them — they should also be applied, managed and controlled. In many cases, security standards are created after applications and databases are deployed, and that makes them difficult to implement.

Whenever possible, you should plan security standards according to existing and future applications. Security considerations should always be part of the database and application design. For an existing environment, the best approach is to plan and formulate the security modifications step by step.
Principals and
securables
New schema
model
Security
for CLR
Database
mirroring
Find and fix SQL
Server queries 73
Principals and securables in SQL Server 2005
The new security model in SQL 2005 defines two main security objects — principals and securables:

Principals are entities that can request SQL Server resources. They can be arranged in a hierarchy. A principal inherits the permissions given to it in a higher level of that hierarchy. Every principal has a security identifier, or SID.

There are three types of principals:
Windows-level principals
• Windows domain login
• Windows local login
SQL Server-level principal
• SQL Server login
Database-level principals
• Database user
• Database role
• Application role

The securable scopes:
Server level
• Endpoint
• Database
Database level
• Database user
• Database role
• Application role
• Assembly
• Message type
• Route
• Service
• Remote service binding
• Fulltext catalog
• Certificate
• Asymmetric key
• Symmetric key
• Contract
• Schema
Schema level
• Type
• XML schema collection
• Object
• Function
• Procedure
• Queue
• Synonym
• Table
• View

Securables are the resources to which the SQL Server database engine authorization system regulates access. Some securables can be contained within others, creating nested hierarchies called scopes, which can, themselves, be secured. Access to securables can be
granted for principals in each level.
For example, a database user or a database role, which can contain zero or more users, can get access to a database object or to a database schema, which can contain zero or more objects. Also, a database user or role can get permissions to view definitions and to grant permissions to another database user or role.
As in previous versions, a user who wants to access data from a database must pass through two stages of authentication — one at the SQL Server level (login) and the other at the database level (user).

New permission delegation capability
In SQL Server 2005, more permissions can be given both in the instance and in the database level than in previous releases. Also, permissions can now be inherited — for example, permissions given to a schema are inherited by the schema’s objects. Here are examples of new permissions:

• CONTROL – functionally equivalent to all permissions granted to the object’s owner and inherited by all subentities within its scope. Principals that have CONTROL permission on a securable can grant permission on that securable. For example:
    -- Grant CONTROL permission on AdventureWorks user Michelle to user Joseph;
    -- now the user Joseph can grant permissions on the user "Michelle":
    USE AdventureWorks;
    GRANT CONTROL ON USER::Michelle TO Joseph;

• ALTER ANY – provides the ability to alter properties of an object. Depending on the scope, inheritance can be limited to objects of a specific type. For example, its variation in the form ALTER ANY ‘object_type’ grants permissions to modify every instance of ‘object_type’ within server or database scope. For example:
    ALTER ANY DATABASE DDL TRIGGER
    ALTER ANY SCHEMA
    ALTER ANY ROLE
• IMPERSONATE – permits impersonating another user, without requiring SysAdmin or dbo privileges, as was the case in SQL Server 2000. For example:
    -- Grants IMPERSONATE permission on user Michelle to
    -- AdventureWorks application role Accountants.
    -- The role Accountants can now impersonate Michelle:
    USE AdventureWorks;
    GRANT IMPERSONATE ON USER::Michelle TO Accountants;

• VIEW DEFINITION – gives read access to an object’s metadata via catalog views. For example:
    -- Grant role "public" to view any object definition in the instance level:
    GRANT VIEW ANY DEFINITION TO public
    -- Grant role "public" to view any object definition in the database level:
    GRANT VIEW DEFINITION TO public
    -- Grant VIEW DEFINITION permission on AdventureWorks role Accountants together
    -- with GRANT OPTION to database user Michelle (now user Michelle can
    -- view the definition of the Accountants role and grant it permissions):
    USE AdventureWorks;
    GRANT VIEW DEFINITION ON ROLE::Accountants TO Michelle WITH GRANT OPTION;

The strength of the new schema model
How many times have you tried to delete a user from your SQL Server 2000 database and couldn’t because it was owning database objects? In SQL Server 2005, that problem has been solved by moving the object definition under the “schema” object.
Schema can have an owner, which can be easily reassigned without having to change the ownership of each object. Also, applications will not break if they reference the schema name before the object name when the object’s ownership is shifted. It is still possible to grant permission to an object, such as a table. But as a best practice, centralize permissions by schema, not by objects.

When to use synonyms
A synonym is an alternative name given to a schema-scoped object. The synonym is created under the schema object but not bound to it. In other words, the deletion of the synonym will not issue an error message if it is used in another object. The synonym is used during runtime, so the object names are not verified during the synonym’s creation. You can grant permissions on synonyms. For example:
    -- First result will be from publishers_1:
    DROP SYNONYM publish
    CREATE SYNONYM publish FOR pubs.dbo.publishers_1
    SELECT * FROM publish
    -- Second result will be from publishers_2:
    DROP SYNONYM publish
    CREATE SYNONYM publish FOR pubs.dbo.publishers_2
    SELECT * FROM publish
Note that the synonym is a database object. If you try to run the above code as a transaction from two different sessions, the second run will wait until the first transaction ends.

It seems that the best choice for using synonyms is when you would like to keep an object name under a specific schema, but the object resides in a different schema or in a different database or different SQL Server instance. Use a synonym instead of using a view if the synonym is for a table. For example:
    -- Table resides in another schema:
    CREATE SYNONYM Schema1.Authors FOR Schema2.dbo.Authors
    -- Table resides in another server (myserverSQL2005 is a Linked Server):
    CREATE SYNONYM dbo.RemoteAuthors FOR [myserverSQL2005].pubs.dbo.authors
    -- Synonym for a function:
    CREATE SYNONYM synGetAuthorName FOR pubs.dbo.fnGetAuthorName;
    SELECT dbo.synGetAuthorName('171-10-1178')

DDL triggers
The new DDL Triggers option, among other things, allows DBAs to control security issues, such as automating grant permissions or auditing.
Here is an example of a DDL trigger from the Microsoft Developer Network (MSDN):
    -- Grant VIEW DEFINITION on each created role or user to public:
    CREATE TRIGGER GrantViewDefOnPrincipal
    ON DATABASE
    FOR CREATE_USER, CREATE_ROLE
    AS
        DECLARE @event_type sysname,
                @principal_name sysname,
                @sql nvarchar(max);
        -- value() accepts only a string literal as its XQuery argument
        SELECT @event_type = EVENTDATA().value('(/EVENT_INSTANCE/EventType)[1]', 'sysname'),
               @principal_name = EVENTDATA().value('(/EVENT_INSTANCE/ObjectName)[1]', 'sysname');
        -- QUOTENAME() (not in the MSDN listing) keeps a crafted principal name
        -- from injecting text into the dynamic statement
        IF (@event_type = 'CREATE_USER')
            SELECT @sql = 'GRANT VIEW DEFINITION ON USER :: ' + QUOTENAME(@principal_name) + ' TO PUBLIC ';
        ELSE
            SELECT @sql = 'GRANT VIEW DEFINITION ON ROLE :: ' + QUOTENAME(@principal_name) + ' TO PUBLIC ';
        EXEC (@sql)

Security configurations for SQL Server
There are two extreme methods of applying security:
• THE LAZY MODEL – The less security, the better. This may result in either giving too many or too few permissions, but security management is easier and less complicated.
• SECURE EVERYTHING POSSIBLE. This may complicate the environment, producing more management effort.

Most organizations are using a security model that is between these two extremes. When designing a security model, try to keep it simple but satisfying. For example:
• Decide that the schema is the most granular unit to which you grant permissions. Don’t grant permission to an object, unless it is really necessary.
• Use a small number of database roles to which you grant permissions. Don’t grant permissions on a per-user basis.
• Use only stored procedures to access the data and grant permissions to these stored procedures.
• Allow only one ownership to all the objects and schemas. This will simplify granting the permissions and will help avoid permission chains.

Defining service accounts
In previous versions, it was easier to add SQL Server and SQL Server Agent services accounts to the sysadmin group than to play with the Group Policy Objects or permissions of that account.
In SQL Server 2005, the SQL Server service account:
• Requires less privilege than in previous versions. It can now be defined as a member of the Users group (non-domain user) or Domain Users group (domain user). During installation, the user is automatically placed in the SQL Server service group and the group is granted exactly the privileges that it needs.
• Should be changed only by using SQL Server Configuration Manager or by using the equivalent functionality in the Windows Management Instrumentation (WMI) APIs. Using Configuration Manager ensures that the new service account is placed in the appropriate Windows group and is thus granted exactly the correct privileges to run the service.
• Can be configured by password expiration policies because changing the password of the service account does not require restarting SQL Server 2005.

The SQL Server Agent service account requires sysadmin privileges in the SQL Server instance it is associated with. However, in SQL Server 2005, SQL Server Agent job steps can be configured to use proxies that encapsulate alternate credentials.

Surface area configuration
SQL Server 2005 installation minimizes the “attack surface” because, by default, optional features are not installed. It’s possible to turn off the features in SQL Server Surface Area Configuration or use the system stored procedure sp_configure.
Upgrading from SQL 2000? If so, few features such as the xp_cmdshell Stored Procedure and ad hoc queries through linked servers — OPENROWSET and OPENDATASOURCE — are disabled by default in a newly installed instance of SQL Server 2005.
Database mail is another great new feature in SQL Server 2005. You might go through the complicated process of configuring SQL Mail in SQL 2000, or you might be using an alternative method of running SQL Mail, like SP_SQLSMTPMail or xp_smtp_sendmail. Note that there is a problem using this feature. If there is a bug in the database program or SSIS package, it can easily flood the mail server.
The SQL Server Surface Area Configuration command-line interface, sac.exe, makes it possible to import and export settings. This enables you to standardize the configuration
of a group of SQL Server 2005 instances. For example:
    sac in server1.out -S MyServer

Integration and security for common language runtime
The security model of the Microsoft SQL Server integration with the Microsoft .NET Framework common language runtime (CLR) manages and secures access between different types of CLR and non-CLR objects running within SQL Server.
Because CLR programs can affect the stability and robustness of the SQL Server environment, it is important to follow these best practices:
• Protect the non-SQL Server resources, such as network and operating system resources, with a higher security level.
• Managed code should not gain a higher security level than it needs -- for example, by impersonating the SQL Server Service or SQL Server Agent service account.
• Managed code should access local resources as much as possible.

SQL Server now integrates the user-based security model of SQL Server with the code access-based security model of the CLR.

Data encryption
Data encryption is a great new feature in SQL Server 2005, but you should use it wisely and only if necessary. Remember that using this feature will result in performance and administrative issues. Generally, SQL Server and database permissions can be enough for most applications when they are well planned and applied.
If you do decide to use encryption, remember that encryption and decryption algorithms are comparably heavy to run. First, never index encrypted columns. Also, test the encryption-decryption performance on the expected amount of data and application functionality before you decide to use it.

Other security enhancements in SQL 2005
Here are descriptions of a few more security enhancements:
• With SQL Server 2005, you can alter the execution context with the EXECUTE AS clause available as part of the definition of stored procedures, functions, queues and triggers. EXECUTE AS can also be used to set the execution context within a SQL batch instead of SETUSER. The execution context choices are:
    • EXECUTE AS CALLER — the caller of the procedure (no impersonation). This is the only pre-SQL Server 2005 behavior.
    • EXECUTE AS OWNER — the owner of the procedure.
    • EXECUTE AS SELF — the creator of the procedure.
    • EXECUTE AS ‘username’ — a specific user.
• SQL Server 2005 offers a much more granular way of associating privileges with procedural code with code signing. By using the ADD SIGNATURE DDL statement, you can sign the procedure with a certificate or asymmetric key. A user can then be created for the certificate or asymmetric key itself and permissions assigned to that user. When the procedure is executed, the code executes with a combination of the caller’s permissions and the key/certificate’s permissions.
• Direct access to system tables is no longer allowed. Instead, they are exposed through catalog views, encompassing both server and database-wide settings.
• SQL Server 2005 can manage SQL Server account password and lockout properties (such as password complexity, password expiration and account lockout) with local and domain-based Group Policies. This functionality is available only on Windows 2003 Server systems. Example:
    CREATE LOGIN Michelle
    WITH PASSWORD = 'Change$NxtLogin' MUST_CHANGE,
    CHECK_EXPIRATION = ON,
    CHECK_POLICY = ON
• Endpoint-based authentication is used to provide secure communication in scenarios where SQL Server 2005, running on Windows Server 2003, functions natively as a Web service, listening and responding to HTTP SOAP requests.
• Permissions on DTS packages in SQL 2000 were difficult to manage. SSIS packages are flexible and can run in different ways.
• Microsoft Baseline Security Analyzer (MBSA) is a utility that scans for common insecurities in a SQL Server configuration. Run MBSA on a regularly scheduled basis, either locally or across the network.

xp_cmdshell handy examples
xp_cmdshell is a very powerful
Stored Procedure. In SQL Server 2000, it is enabled by default. In SQL Server 2005, it is disabled by default.
With xp_cmdshell you could run the following command:
    Exec xp_cmdshell 'del /S c:'
which deletes the c: drive and all its subdirectories in the server where the SQL Server instance is running.
If I am doing so as the sa or in the sysadmin role in SQL and the SQL Server Service account is a sysadmin on the computer running the SQL Server, it can be too powerful.
But here are two examples where you could use xp_cmdshell because it is quicker and more straightforward:
Imagine that you have more than 30 servers hosting SQL Server instances.
Your manager asks you to do two things:
1. Delete a specific file on the c:\temp directory in each of these servers.
2. Collect the list of the installed programs and tools on each of the servers, prior to consolidation.
You could go computer by computer and do these two tasks. You could write code. Oops, sorry, you are a DBA — but what could be easier than to create a table with the SQL Server instances names, create a cursor on them and then loop and run what’s needed to be run?
In Task 1, you’ll see code to delete a file, which results in no output.
In Task 2, you’ll see code to show the contents of a directory on a server. Here, you’ll find the results of the code in Task 2, assuming it ran against only one server.
Note: These two examples are not secured and are against security best practices. They will run on SQL Server 2000 as well as on SQL 2005.

Links for SQL Server
Security Considerations for Integration Services
http://msdn2.microsoft.com/en-us/library/ms137833.aspx
Security Considerations for SQL Server
http://msdn2.microsoft.com/en-us/library/ms161948.aspx
CLR Integration Security
http://msdn2.microsoft.com/en-us/library/ms131071.aspx
SQL Server 2005 Best Practices Analyzer
http://www.microsoft.com/downloads/details.aspx?FamilyId=DA0531e4-e94c-4991-82FA-F0e3FBD05e63displaylang=en
12. Advertorial
Stately IT The Pennsylvania State University
Dell Services helped Penn State
upgrade the hardware foundation for
its learning management system using
Dell™ PowerEdge™ 6850 servers
and Microsoft SQL Server 2005
Since its founding in 1855 as a small agricultural college dedicated to applying
scientific principles to farming, The Pennsylvania State University—affectionately
known as Penn State—has grown into a world-class learning institution with more
than 84,000 enrolled students.
Like many universities, Penn State uses learning management system (LMS)
technology to help manage academic course content. Unfortunately, until recently
the university’s system was plagued with performance and scalability issues due to
an aging hardware infrastructure.
The university’s IT staff turned to trusted longtime technology partner Dell for
answers. Working closely with Dell Services, the staff tested the LMS on a new
hardware architecture. “We found that Dell hardware offered excellent performance
for the LMS and enabled us to handle more users than the previous system,” explains
Lowell Smith, database administrator at Penn State.
— Alex Pollock, Lead Database Administrator,
The Penn State University
With such positive test results in hand, the Penn State IT team felt confident
deploying a hardware infrastructure, including Dell™ PowerEdge™ 6850 servers, on
which Penn State runs Microsoft SQL Server 2005 Enterprise to provide database
support for the LMS. According to Alex Pollock, lead database administrator at
Penn State, the combination of Dell PowerEdge servers with SQL Server has resulted
in impressive performance gains for the LMS compared to the previous system.
“Re-indexing used to take four hours—completing outside our maintenance window,”
Pollock states. “Once we went to SQL Server 2005 on the PowerEdge 6850 servers,
the whole process could be completed in half an hour—eight times faster.”
Even though the user load has more than doubled, the performance of the ANGEL
system is impressive: application availability is exceptional and hardware utilization
is nowhere near capacity. “Our user load has skyrocketed in recent months—now we
are experiencing 1.4 million Web hits on the system per hour,” notes Peter Dawson,
manager of mid-tier infrastructure for Administrative Information Services at Penn
State. “But even under that load, our servers are running at 25 to 30 percent capacity,
which indicates that we have plenty of room to grow.”
To view the entire story, go to www.dell.com
14. SearchSQLServer.com Database mirroring and its witness
SQL Server Insider: Backup and Recovery

Database mirroring and its witness
By Greg Robidoux

Greg Robidoux is the president and founder of Edgewood Solutions LLC, a technology services company delivering professional services and product solutions for Microsoft SQL Server. He has authored numerous articles and has delivered presentations at regional SQL Server users groups and national SQL Server events. Robidoux also serves as the SearchSQLServer.com Backup and Recovery expert.

SQL Server 2005’s database mirroring feature offers new functionality that allows you to configure database failover much easier than in the past. When configuring database mirroring, one option is to use the High Availability mode. This option allows for synchronizing of transaction writes on both servers, as well as offers the ability of automated failover. When using the High Availability mode, you need to have three instances of SQL Server: the principal, mirror and the witness. Here is a summary of what each component does.

• PRINCIPAL – this is the instance that stores the active database.
• MIRROR – this is the instance that receives transactions to keep the mirrored database in sync.
• WITNESS – this is the instance that communicates with the principal and mirror to determine if failover should occur.
What is the role of the witness server?
The witness is a third instance of SQL Server 2005 that acts as an intermediary between the principal and the mirror in order to determine when to fail over. By having a third instance, it creates the ability to have a 2–1 vote that says one of my components is not available and, therefore, I am going to fail over. Because of the need to determine if the components are online or offline before an automatic failover, the witness server is only needed when you implement the High Availability mode and you want, or need, automatic failover. This instance doesn’t do much more than communicate with the principal and the mirror to make sure they are still alive. No database activity is occurring on this instance, just communication between the three components.

Where should the witness be?
This really depends on your network configuration and the reliability of your components. If you implement this over a WAN and have periodic network glitches, by having the witness near the principal, then you can eliminate some unnecessary failovers. In addition, if your primary data center has some issues and you want to ensure your database stays online, it may make sense to keep this with the mirror. Therefore, if there are any issues in your primary data center, your mirror and witness can communicate and take over the job.
Physical location is not the only point of concern when placing your witness. It would also make sense to install the witness on a different physical server. It is possible to create three instances on one server and set up database mirroring. But, if you are trying to eliminate hardware failure as a possible cause of downtime, the witness should be installed on a different piece of hardware.
If you are trying to eliminate data center outages, it makes sense to have your mirror in a different physical location. Based on this assumption, you should keep the witness and the principal in the same data center and your mirror in a different location.
What version of SQL Server 2005 for the witness?
The witness server can run on any version of SQL Server 2005, including the Express edition. The principal and mirror can only run on the Standard, Enterprise and Developer editions of SQL Server 2005.

What kind of server does the witness run on?
You can install the witness on any hardware and operating system that supports the version of SQL Server 2005 you are using for the witness. Because of the nature and role of the witness, I suggest using hardware that you feel is reliable and will not cause further complications when implementing and utilizing database mirroring.

What happens if the witness fails?
Because the witness is just one of the three components, if it fails, it does not necessarily mean that a failover will occur. As long as the principal and mirror can still communicate with each other, there is no need for a failover. Therefore, the failure of just the witness will not trigger an automated failover.

How does failover work?
Since three components make up the High Availability mode, two of these components need to determine that a problem has occurred and then initiate a failover. If the principal server fails and the witness and mirror can still communicate, the failover process will kick in. The mirror will become the principal and the witness will continue to perform its duties as the witness server.

Summary
Implementing the High Availability mode of database mirroring is pretty straightforward by just implementing another instance of SQL Server to act as the witness. Although from that perspective it is fairly easy, you should implement database mirroring in different phases until you get the hang of how it works and when it will kick in. Using the High Protection mode as the first implementation probably makes more sense than jumping right into the High Availability mode. Either way, though, take the time to test this new component of SQL Server 2005 before you take the leap into using it as part of your production failover strategy.
Get a step-by-step explanation to setting up database mirroring in a previous article titled Database mirroring setup in SQL Server 2005 found at SearchSQLServer.com.
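
Added example (not part of the original article): the phased rollout suggested in the summary, followed by a check that reports whether automatic failover can currently happen. The database name MirrorDemo and the witness address are placeholders, and the script assumes a mirroring session between principal and mirror already exists.

```sql
-- Added example: MirrorDemo and witness.example.com:5022 are placeholders.

-- Phase 1, High Protection mode: synchronous mirroring without a witness,
-- so failover stays a manual decision. Run on the principal.
ALTER DATABASE MirrorDemo SET PARTNER SAFETY FULL;
GO

-- Phase 2, High Availability mode: adding the witness supplies the third vote
-- that automatic failover depends on. Run on the principal.
ALTER DATABASE MirrorDemo SET WITNESS = 'TCP://witness.example.com:5022';
GO

-- Readiness check, run on the principal or the mirror.
SELECT DB_NAME(database_id)          AS database_name,
       mirroring_role_desc,
       mirroring_state_desc,
       mirroring_safety_level_desc,
       mirroring_witness_name,
       mirroring_witness_state_desc,
       CASE
           WHEN mirroring_safety_level_desc <> 'FULL'
               THEN 'No automatic failover: safety is not FULL'
           WHEN mirroring_witness_name IS NULL OR mirroring_witness_name = ''
               THEN 'No automatic failover: no witness configured (High Protection mode)'
           WHEN mirroring_witness_state_desc <> 'CONNECTED'
               THEN 'No automatic failover: witness not connected'
           WHEN mirroring_state_desc <> 'SYNCHRONIZED'
               THEN 'No automatic failover: mirror not synchronized'
           ELSE 'Automatic failover possible'
       END                           AS failover_readiness
FROM sys.database_mirroring
WHERE mirroring_guid IS NOT NULL;    -- only databases that take part in mirroring
GO

-- Run on the witness instance: the sessions it is arbitrating.
SELECT database_name,
       principal_server_name,
       mirror_server_name,
       safety_level_desc,
       is_suspended
FROM sys.database_mirroring_witnesses;
GO
```

A disconnected witness leaves the database online as long as principal and mirror still reach each other, which is why the check reports it as a loss of automatic failover rather than as an outage.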
17. SearchSQLServer.com Find and fix resource-intensive SQL Server queries
SQL Server Insider: Performance

Find and fix resource-intensive SQL Server queries
By Jeremy Kadlec

Jeremy Kadlec is the principal database engineer at Edgewood Solutions, a technology services company delivering professional services and product solutions for Microsoft SQL Server. He has authored numerous articles and delivers frequent presentations regionally and nationally. He authored the “Rational Guide to IT Project Management” and is the SearchSQLServer.com performance and tuning expert.

Taming resource-intensive SQL Server queries is no small task. Finding them can be a challenge and fixing them is typically unique to the query. Here are five common resource-intensive queries with possible resolutions.

How to find resource-intensive queries
Identifying resource-intensive queries is simple when your application experiences performance issues and users communicate when and where the issues occur. If the overall application is perceived as slow, the root cause and resolution can be much more complex. The following resources will help you address common problems:
• To identify resource-intensive queries, leverage SQL Server 2000 Profiler.
• To determine how the optimizer processes the code internally, review individual query plans in a graphical format using Query Analyzer.
• To access query plans, use the T-SQL command SET SHOWPLAN_ALL or SET SHOWPLAN_TEXT for a textual view of the output from the SQL Server optimizer.

Calculation queries
Users in management and executive management positions issue calculation queries throughout the day. They calculate figures over a long period of time with a primarily static data set (i.e., calculating year-to-date sales or monthly inventory figures). Depending on your applications, the calculations may be different, although the premise remains the same. While users have to ask for these figures for business reasons, the queries may cause a significant resource drain.
To balance the need to run resource-intensive queries and retrieve timely data for users, change the process to execute a stored procedure on a predefined basis, which populates a table that stores the aggregate results. Then have users access the aggregated data instead of issuing the resource-intensive query.

Table scanning
Table scanning is probably the single biggest offender of draining SQL Server resources. The good news is that the problem is usually easy to fix. The best way to diagnose this resource drainer is to review the query plan. The SQL Server optimizer will indicate which portion of the query is scanning tables by table and column name. With this information, you can create the necessary index to support the query and avoid costly table scanning.

Large result sets
Querying for hundreds or thousands of rows while only displaying 10 to 50 rows in the application is certainly a drain on SQL Server, especially when the query is frequently issued by the same user. Since the data isn’t going to change, the application’s throughput would benefit from caching that data on the Web server using ADO.NET. Another option would be to cache the IDs or the unique identifier for the result set and query for the detailed data as the data is browsed. A final option I have seen work well is to issue the query with a COUNT clause and let users know how much data will be returned. If it is a significant amount of data, fine-tune the query param-
Principals and
securables
New schema
model
Security
for CLR
Database
mirroring
Find and fix SQL
Server queries 73
19. SearchSQLServer.com Find and fix resource-intensive SQL Server queries
eters to reduce the result set;
not many users will be able to
that execute one or more times
per second using few resources
SQL Server
review a large result set, which
just becomes overwhelming.
— but the number of aggregate
resources used is staggering.
InSIder
They don’t only eat up SQL is brought to you by
cursors Server resources, but also an SearchSQLServer.com.
cursors are notorious for quick- excessive amount of network The stories “Database
ly turning a high-end server into round trips. you can expect to mirroring and its
a single-user machine. cursors see this happen in Web-based witness” and “Find and
typically build a large data set applications. If you store data in
fix resource-intensive
and process data one row at a session variable or cookie, the
a time, which often serializes problem is resolved. SQL Server queries”
the processing. Originally de- originally appeared on
veloped for ISAM and VSAM summary Take a step back SearchSQLServer.com.
databases, Microsoft included and think about how your ap-
support for this processing from plications interact with SQL
the earliest versions of SQL Server from a functional per- editors
Server. Although they are a vi- spective. Think about com- christine casatelli
able way to perform data pro- plaints users have had histori- heidi Sweeney
cessing, they are not efficient cally about the application as copy editor
— and your goal should be to well as long-running processes. Martha Moore
migrate away from cursors and Observe how users work with design director
use set-based logic. the applications and make per- Ronn campisi
formance improvements in the www.ronncampisi.com
single Queries that run code based on how users have
rePeatedly evolved with the application.
Some of the most deviant sets
of queries are single queries
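The plan review and index fix described under "Table scanning", using the SET SHOWPLAN_TEXT command the article names. This is an added example, not code from the article; the table dbo.Orders, its columns and the index name are assumptions made for illustration.

```sql
-- Constructed table for illustration; all names here are assumptions.
CREATE TABLE dbo.Orders (
    OrderID    INT      NOT NULL PRIMARY KEY,  -- clustered index by default
    CustomerID INT      NOT NULL,
    OrderDate  DATETIME NOT NULL,
    Total      MONEY    NOT NULL
);
GO

-- SET SHOWPLAN_TEXT must be the only statement in its batch. While it is
-- ON, statements are compiled but not executed; only the plan comes back.
SET SHOWPLAN_TEXT ON;
GO
SELECT OrderID, Total
FROM dbo.Orders
WHERE CustomerID = 42;
GO
SET SHOWPLAN_TEXT OFF;
GO

-- With no index on CustomerID, expect a Clustered Index Scan in the plan:
-- every row is read and the CustomerID predicate is applied to each one.

-- Supporting index. CustomerID is the seek key; Total is added as a second
-- key column so the query is answered from the index alone (OrderID is
-- carried automatically because it is the clustering key).
CREATE NONCLUSTERED INDEX IX_Orders_CustomerID_Total
    ON dbo.Orders (CustomerID, Total);
GO

-- Review the plan again; expect an Index Seek on the new index.
SET SHOWPLAN_TEXT ON;
GO
SELECT OrderID, Total
FROM dbo.Orders
WHERE CustomerID = 42;
GO
SET SHOWPLAN_TEXT OFF;
GO
```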
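The scheduled stored procedure and aggregate table described under "Calculation queries", sketched for a year-to-date sales figure. This is an added example, not code from the article; dbo.Sales, dbo.SalesYtdSummary and dbo.RefreshSalesYtdSummary are hypothetical names, and the schedule itself (for instance a SQL Server Agent job) is left out.

```sql
-- Constructed source table; all object names are assumptions.
CREATE TABLE dbo.Sales (
    SaleID    INT IDENTITY(1,1) NOT NULL PRIMARY KEY,
    SaleDate  DATETIME NOT NULL,
    ProductID INT      NOT NULL,
    Amount    MONEY    NOT NULL
);
GO

-- Small table that users query instead of aggregating dbo.Sales themselves.
CREATE TABLE dbo.SalesYtdSummary (
    ProductID   INT      NOT NULL PRIMARY KEY,
    YtdAmount   MONEY    NOT NULL,
    RefreshedAt DATETIME NOT NULL
);
GO

CREATE PROCEDURE dbo.RefreshSalesYtdSummary
AS
BEGIN
    SET NOCOUNT ON;
    SET XACT_ABORT ON;  -- a run-time error rolls back the whole refresh

    -- Midnight on 1 January of the current year.
    DECLARE @YearStart DATETIME;
    SET @YearStart = DATEADD(yy, DATEDIFF(yy, 0, GETDATE()), 0);

    -- Replace the summary in one transaction so readers never see a
    -- half-built table.
    BEGIN TRANSACTION;
        DELETE FROM dbo.SalesYtdSummary;

        INSERT INTO dbo.SalesYtdSummary (ProductID, YtdAmount, RefreshedAt)
        SELECT ProductID, SUM(Amount), GETDATE()
        FROM dbo.Sales
        WHERE SaleDate >= @YearStart
        GROUP BY ProductID;
    COMMIT TRANSACTION;
END
GO

-- Run on the predefined schedule:
EXEC dbo.RefreshSalesYtdSummary;
GO

-- What users issue instead of the expensive aggregate. RefreshedAt tells
-- them how current the figures are.
SELECT ProductID, YtdAmount, RefreshedAt
FROM dbo.SalesYtdSummary
ORDER BY ProductID;
```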
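The move from cursors to set-based logic recommended under "Cursors", shown as the same update written both ways. This is an added example, not code from the article; the table dbo.Invoices and the 5 percent discount rule are constructed for illustration.

```sql
-- Constructed table and rule; all names and values are assumptions.
CREATE TABLE dbo.Invoices (
    InvoiceID INT   NOT NULL PRIMARY KEY,
    Total     MONEY NOT NULL,
    Discount  MONEY NOT NULL DEFAULT 0
);
GO

-- Row-by-row version: one fetch and one UPDATE statement per qualifying
-- row, processed serially.
DECLARE @InvoiceID INT, @Total MONEY;

DECLARE invoice_cur CURSOR LOCAL FAST_FORWARD FOR
    SELECT InvoiceID, Total
    FROM dbo.Invoices
    WHERE Total >= 1000;

OPEN invoice_cur;
FETCH NEXT FROM invoice_cur INTO @InvoiceID, @Total;

WHILE @@FETCH_STATUS = 0
BEGIN
    UPDATE dbo.Invoices
    SET Discount = @Total * 0.05
    WHERE InvoiceID = @InvoiceID;

    FETCH NEXT FROM invoice_cur INTO @InvoiceID, @Total;
END

CLOSE invoice_cur;
DEALLOCATE invoice_cur;
GO

-- Set-based version: the same result in a single statement that the
-- optimizer can plan as one operation over all qualifying rows.
UPDATE dbo.Invoices
SET Discount = Total * 0.05
WHERE Total >= 1000;
GO
```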