Proactive Performance Tuning

  • Comments posted to this topic are about the item Proactive Performance Tuning

  • I do like the idea but a one man show admin might feel quite stupid about it, just thinking about those 2 locks too far away to reach with both hands at the same time... and telling non DBA staff to login to server XY because you need to do some <insert gibberish to outsiders> things doesn't make the staff like the new DB server any more.

    There is a very good reason why right click on a table -> Delete doesn't ask you potentially multiple times if you REALLY want to drop that table or not, dealing with thousands or millions of rows requires you to know your trade therefore proper education is the way to go imho.

  • my only issue with 2 user authentication is when the "crap" goes sideways at 2am

    it could be a new sql agent job or a new process from an app, but you can't fix it until you wake someone else up.

    it reminds me of those scenes in movies where you have to have 2 people put keys in and turn at the same time to arm or disarm a device.

    I prefer to trust my DBA, but you might think about using a temporary passkey (say 2 hours) that triggers an audit trail

    Like I said, I prefer to trust people like steve (and Dino) rather than over engineer change control

    MVDBA

  • That kind of control, while well intended, may mask a bad DBA or admin.  I've seen rigid change control policies set up but management still does not question a network guy making changes to a core switch.  That problem did correct itself when they had a severe outage but I do think there needs to be a way to certify someone at least knows the basics of managing a server before a company gives them the keys to the kingdom.  I may pick on consultants a lot but I've seen more than one data warehouse expert who did not know how to create indexes or were more concerned with visuals than the stability of the platform.

  • jarick 15608 wrote:

    That kind of control, while well intended, may mask a bad DBA or admin.  I've seen rigid change control policies set up but management still does not question a network guy making changes to a core switch.  That problem did correct itself when they had a severe outage but I do think there needs to be a way to certify someone at least knows the basics of managing a server before a company gives them the keys to the kingdom.  I may pick on consultants a lot but I've seen more than one data warehouse expert who did not know how to create indexes or were more concerned with visuals than the stability of the platform.

    you raise a very very valid point , pick the right guy to do the right job, train them and enable them..the 2 person system disables people's ability to do a job.

    we do all make mistakes - just when you pick the guy to do the job , tell him the first thing to write is a rollback plan

    MVDBA

  • There aren't many places where 2 factor authorization would be needed, but there are some. This isn't for some performance tuning, though arguably, if there are critical things, then a second set of eyes might be more important. However, for things like turning off audits (or changing) or altering encryption keys, I'd want this, regardless of how many people have to wake up.

  • Steve Jones - SSC Editor wrote:

    However, for things like turning off audits (or changing) or altering encryption keys, I'd want this, regardless of how many people have to wake up.

    So I can agree with this point.  Arguably, if you're looking towards this for security-type situations, then I'd also include adding or removing a login from the sysadmin role.  If nothing else, requiring two people (with sufficient access) to sign-in to disable / drop an audit or change an encryption key would help cut down on possible disgruntled employees bringing down a system days or weeks after being let go.  But, it also raises a question, at least as far as the audits:

    Would you also want to require 2-user authentication to create and enable an audit?

    That's one where I'd lean towards not requiring it, but from a programability standpoint, it would probably be easier to just require it.

  • I was torn on creation. Perhaps, especially as you need to specify a location. Ideally you drop audit data in a read/insert spot, and not a place where modify permissions exist. That might want 2 factor checks.

     

  • actually you guys have changed my mind, i'd like 2 people to be engaged in the process of changing the SA password

    MVDBA

  • Thanks for the thought-provoking commentary. The proposal sounds like the nuclear launch two-man rule. So to that extent it seems like overkill for databases, but in some situations it may be useful.

    https://en.wikipedia.org/wiki/Two-man_rule

    -- webrunner

    • This reply was modified 1 year ago by  webrunner.

    -------------------
    A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
    Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html

  • That's what I'd like to see implemented in SQL Server, and Windows/Linux, for that matter. Maybe with a group of 3-5 people, of which 2 have to approve something. We'd need some storage of the command, and perhaps some expiration, but a 2 man/woman rule would be nice.

  • Steve Jones - SSC Editor wrote:

    That's what I'd like to see implemented in SQL Server, and Windows/Linux, for that matter. Maybe with a group of 3-5 people, of which 2 have to approve something. We'd need some storage of the command, and perhaps some expiration, but a 2 man/woman rule would be nice.

    here's a thought - if you store the command, what's to stop you mixing with it and "self granting" - i'm seeing lots of layers of complexity, but I still think it's worth a look at

    MVDBA

Viewing 12 posts - 1 through 12 (of 12 total)

You must be logged in to reply to this topic. Login to reply