Security

External Article

Configuring Certificate-based Authentication in SQL Server Express' Distributed Service Broker Environment

  • Article

Implementing a dialog between two services residing in a distributed environment requires the presence of an authentication mechanism. Windows-based Kerberos protocol limits the scope of systems participating in a Service Broker dialog to those residing in the same or trusted Active Directory domains. This article provides an overview of how to eliminate this limitation by employing certificates.

2008-11-03

2,198 reads

External Article

Encryption Alternatives

  • Article

Databases often contain sensitive information and cell-level encryption is a very effective method to protect this information from those who should not have access to it. Although, encryption is not without its challenges.

2008-10-29

3,815 reads

Technical Article

Cryptography in SQL Server

  • Article

This white paper presents an overview of cryptographic functionality and discusses how this applies to authentication, signed procedures, permissions, and encryption. Because the target audience is the database professional and not necessarily security experts, the focus is on practical ways to use cryptography in SQL Server.

2008-09-26

3,859 reads

External Article

Configure MaxTokenSize for SQL Server Authentication

  • Article

DBA's and web developers at our company are experiencing issues with connecting to SQL instances using SQL Server Management Studio and other SQL tools using Windows Integrated Authentication. Our company is large, with well over 70,000 users and groups in Active Directory. When we look in the NT event log on the SQL Server we see both MSSQL and Kerberos errors. What could be causing this?

2008-08-25

3,296 reads

Technical Article

Recover from a SQL Injection Attack on SQL Server

  • Article

Lately it seems like SQL Injection attacks have been increasing. Recently our team has worked through resolving a few different SQL Injection attacks across a variety of web sites. Each of these attacks had a number of similarities which proved to point back to the same source. With this information in hand, the resolution should be much quicker. As such, if your web site is attacked with SQL Injection, how should you address it? How can the identification, analysis, recovery and resolution be streamlined? What are some lessons learned?

You rated this post out of 5. Change rating

2008-08-22

4,820 reads

Blogs

Automatic Index Compaction

By

Index maintenance has always meant nightly jobs and a window you have to defend....

The Goldilocks problem – Materialized Views

By

I’m sure you’ve all heard the tale of Goldilocks and the Three Bears, but...

Monday Monitor Tips: Virtual Machine Usage and Cost

By

One of the things I’ve been requesting for a number of years is cost...

Read the latest Blogs

Forums

SQL Art, Part 4: Happy 4th of July — A British DBA's Guide to Celebrating a War We Don't Talk About

By Terry Jago

Comments posted to this topic are about the item SQL Art, Part 4: Happy...

How We Handled a Vendor Retry That Loaded Twice in Snowflake

By Chandan Shukla

Comments posted to this topic are about the item How We Handled a Vendor...

Cognitive Coverage

By Steve Jones - SSC Editor

Comments posted to this topic are about the item Cognitive Coverage

Visit the forum

Question of the Day

Getting the Average

I have this data in the dbo.Commission table in a SQL Server 2022 database.

salesperson commission
Brian       12
Brian       16
Andy        7
Andy        14
Andy        21
Steve       20
Steve       NULL
All the data is a varchar, and I decide to run this query to get the totals for each salesperson.
SELECT SalesPerson
     , AVG(TRY_PARSE(Commission AS int)) AS TotalCommission
 FROM commission
 GROUP BY SalesPerson
GO
What average commission is calculated for Steve?

See possible answers