-->
SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

SQL Quantum Leap

Solomon Rutzky has been working with computers since the mid 1980s. He has experience with a variety of hardware platforms, OSs, programming languages, and RDBMSs. He has focused on SQL Server since 2002, and has written articles for SQL Server Central, including the Stairway to SQLCLR series, and Simple Talk. Solomon is the founder / owner of Sql Quantum Lift, and is the creator of the popular SQL# SQLCLR library. He answers questions on a few StackExchange sites and Ask.SqlServerCentral.com.

Safely and Easily Use High-Level Permissions Without Granting Them to Anyone: Server-level

Part of having good security is giving users the fewest / least permissions possible in order to execute the code. However, we always seem to find ourselves needing to allow someone to execute something that requires one or two higher-level permissions. Yet, in order to allow for just one extra… Read more

1 comments, 291 reads

Posted in SQL Quantum Leap on 15 February 2018

SQL# Version 4.1 is released!!

Version 4.1 of SQL# has just been released!

New functionality available only in Full version

  1. Sys_LockResource
    • Returns the name of the specified Lock Resource given the Type, Subtype, DatabaseID, Description, and AssociatedEntityID.
    • Works similarly to the OBJECT_NAME and OBJECT_SCHEMA_NAME built-in functions in that you do…

Read more

1 comments, 623 reads

Posted in SQL Quantum Leap on 12 February 2018

Server Audit Mystery 2: Filtering action_id gets Error Msg 25713

This post is, for the most part, a continuation of Server Audit Mystery 1: Filtering class_type gets Error Msg 25713. In that post I was trying to filter on the class_type field / predicate source (i.e. the object, or whatever, that the event is on). The tricky part was… Read more

0 comments, 1,358 reads

Posted in SQL Quantum Leap on 30 January 2018

Will GDPR cause a “Database Run”?

What is GDPR, everyone’s (current) favorite acronym? It stands for “General Data Protection Regulation” and is an act / law / set of laws that governs the collection, retention, and use of personal information for EU (European Union) and UK citizens. It’s the topic “flavor of the month” due to… Read more

0 comments, 1,828 reads

Posted in SQL Quantum Leap on 23 January 2018

Server Audit Mystery 1: Filtering class_type gets Error Msg 25713

The other day I ran into an odd problem trying to answer the following question on DBA.StackExchange:

How to filter out Scalar Valued Function usage from SQL Server Audit Data?

According to the documentation for CREATE SERVER AUDIT, I should be able to add a WHERE clause (starting in… Read more

2 comments, 731 reads

Posted in SQL Quantum Leap on 22 January 2018

Stored Procedure / Function / View / Trigger Definitions Can Be Wrong, Even If sp_rename Was Never Used

SQL Server stores the full definition of certain T-SQL objects — Stored Procedures, Functions, Views, and Triggers — in their original form, as they are being created. In fact, the entire batch containing the CREATE statement is stored, which is quite likely why no other statements are allowed in a… Read more

2 comments, 267 reads

Posted in SQL Quantum Leap on 9 January 2018

PLEASE, Please, please Stop Using Impersonation, TRUSTWORTHY, and Cross-DB Ownership Chaining

Despite features added in SQL Server 2005 (yes, 2005!) that allow for very flexible, granular, and robust security, it is still quite common for people to be using the older, riskier mechanisms of temporarily granting additional privileges.

What follows is an overview of a presentation that I have given a… Read more

2 comments, 780 reads

Posted in SQL Quantum Leap on 30 December 2017

Which Collation is Used to Convert NVARCHAR to VARCHAR in a WHERE Condition? (Part B of 2: “Rabbit”)

(If you’re reading this on SQL Server Central, please click here to see the “Featured Image” which will help explain the “Duck” vs “Rabbit” titles of this and the previous posts)

Welcome back! Previously, on “Who’s Collation is it Anyway?”, due to statements made in the Microsoft documentation for… Read more

2 comments, 1,311 reads

Posted in SQL Quantum Leap on 11 December 2017

Which Collation is Used to Convert NVARCHAR to VARCHAR in a WHERE Condition? (Part A of 2: “Duck”)

(If you’re reading this on SQL Server Central, please click here to see the “Featured Image” which will help explain the “Duck” vs “Rabbit” titles of this and the next posts)

So, the actual question is a bit more specific than would reasonably fit into a title, and it is: Read more

2 comments, 1,386 reads

Posted in SQL Quantum Leap on 8 December 2017

Sessions, Temporary Objects, and the Afterlife

For thousands of years theologians have offered various thoughts on the question of what happens when we die. Does some part of who we are come back to start over again? Do we go to some other place? Is “the end” simply that: the end, in an absolute sense? When… Read more

1 comments, 1,478 reads

Posted in SQL Quantum Leap on 20 November 2017

Line-Continuation in T-SQL

Some (or maybe most?) languages and operating system command shells allow for breaking up long lines into multiple lines (i.e. lines separated by hitting Enter / Return). This is accomplished by ending a line with a particular character that indicates that the line is not ending. For operating system… Read more

1 comments, 2,706 reads

Posted in SQL Quantum Leap on 27 October 2017

All New Collations in SQL Server 2017 Implicitly Support Supplementary Characters

As I was testing whether or not the new “Variation Selector Sensitive” ( _VSS ) Collations in SQL Server 2017 would assist in the following question on DBA.StackExchange:

SELECT query: filter unable to distinguish between two different characters

I ran into what initially looked to be an unfortunate situation. I… Read more

1 comments, 1,073 reads

Posted in SQL Quantum Leap on 16 October 2017

SQLCLR vs. SQL Server 2017, Part 6: “Trusted Assemblies” – Whitelisted Assemblies can’t do Module Signing

“Trusted Assemblies”, a new feature starting in SQL Server 2017, is a means of whitelisting Assemblies that one feels pose no threat, and can be created (and used) without needing to be a) signed and b) have a corresponding signature-based Login that has been granted the UNSAFE ASSEMBLY permission. In… Read more

3 comments, 1,116 reads

Posted in SQL Quantum Leap on 29 September 2017

Clustered Index Uniquifier Existence and Size

In SQL Server, each and every row in a table needs to be accessible by itself, whether or not you declare a Primary Key. Even if you had 1 million rows of just the letter “A” in a one-column table, SQL Server still needs to distinguish between each of those… Read more

2 comments, 175 reads

Posted in SQL Quantum Leap on 19 September 2017

SQLCLR vs. SQL Server 2017, Part 5: “Trusted Assemblies” – Valid Use Cases?

In the previous post in this series on SQLCLR in SQL Server 2017 — Part 4: “Trusted Assemblies” – The Disappointment — we looked at what the “Trusted Assemblies” feature is, what it meant to do, the problems with it, and what the better and more appropriate approach is. “Trusted… Read more

1 comments, 169 reads

Posted in SQL Quantum Leap on 4 September 2017

SQLCLR vs. SQL Server 2017, Part 4: “Trusted Assemblies” – The Disappointment

Recap

Before we look at “Trusted Assemblies”, let’s take a moment to review the context of the situation. First, the “Good”: SQL Server 2017 introduces many awesome features including Linux as a platform, adaptive query processing, interleaved execution for Multi-statement TVFs, and a lot more. Next, the “Bad”: SQL Server… Read more

6 comments, 314 reads

Posted in SQL Quantum Leap on 28 August 2017

SQLCLR vs. SQL Server 2017, Part 3: “CLR strict security” – Solution 2

Welcome back, everyone. In the previous post in this series, I explained how to work within the new SQLCLR security restriction in SQL Server 2017 (i.e. that all Assemblies need to be signed and have a corresponding Login that has been granted the UNSAFE ASSEMBLY permission). That approach is 22… Read more

0 comments, 204 reads

Posted in SQL Quantum Leap on 16 August 2017

SQLCLR vs. SQL Server 2017, Part 2: “CLR strict security” – Solution 1

As mentioned in Part 1 of this “SQLCLR vs. SQL Server 2017” series, the new clr strict security server-level configuration option requires that in order to create any Assembly, even a SAFE one, it must be signed (by a Certificate or Strong Name Key), and there must already exist a… Read more

10 comments, 382 reads

Posted in SQL Quantum Leap on 9 August 2017

SQLCLR vs. SQL Server 2017, Part 1: “CLR strict security” – The Problem

The Good, the Bad, and the Ugle¯e¯ (need to avoid copyright infringement )

SQL Server 2017 is soon to be officially released (i.e. RTM) and there are some impressive changes, with some being impressively good, and some being impressively bad.

The Good

Some amazingly good changes are: Linux as a… Read more

2 comments, 1,014 reads

Posted in SQL Quantum Leap on 7 August 2017

SSMS Tip #2: Shortcut Keys for SQLCMD Mode, Open Containing Folder, Copy Full Path, etc

In SQL Server Management Studio (SSMS), there are a lot of options and functions. In fact, there are so many that you might never see / encounter quite a few of them. Part of the issue is that there are four locations to find these options and functions. The four… Read more

0 comments, 146 reads

Posted in SQL Quantum Leap on 20 July 2017

Older posts