Reviewing Windows NT Rights and Privileges Granted for SQL Server Service Accounts
Hi Folks,
I am an experienced .NET apps developer who has been tasked with writing a bunch of technical controls for all the SQL Server instances on a domain.
So for the last month I have been diving in the deep end learning Powershell, dba and infrastructure tasks. This is still a work in progress, so be kind to me.. ;o)
So the task I am stuck on is described in the section on 'Reviewing Windows NT Rights and Privileges Granted for SQL Server Service Accounts' http://technet.microsoft.com/en-us/library/ms143504(v=sql.105).aspx
I have not been able to find cmdlets that gives me this information. I have found some exes which come frustratingly close like NTRights.exe. This lets me specify a computer name which is great, but only seems to let you set or deny permissions, not just
list them!
Any help with this would be very much appreciated as I am firmly stuck. As per comments above also bear in mind that up until around 1.5 months ago I had never used powershell / knew very much at all about SQL server admin etc. Feeling much more comfortable
with them now, but much less so with Active Directory/ windows permission structures etc so please can I ask anyone kind enough to reply to try and keep the acronyms down as much as humanly possible.. ;o)
Cheers
Kieron
Hi Kieron,
Take a look at this module, it makes permissions much easier to work with than what's currently available:
https://gallery.technet.microsoft.com/scriptcenter/PowerShellAccessControl-d3be7b83
Don't retire TechNet! -
(Don't give up yet - 13,085+ strong and growing)
Similar Messages
-
KB2977326 - Security Update for SQL Server Service Pack 1 repeatedly fails to install
This update fails to install every day when I shut down my computer. Here is the WindowsUpdate.Log:
2014-12-02 15:50:11:469
420 44c
AU #########
2014-12-02 15:50:11:469
420 44c
AU # Initiating install at shutdown
2014-12-02 15:50:11:469
420 44c
AU # Approved updates = 1
2014-12-02 15:50:11:516
420 44c
AU <<## SUBMITTED ## AU: Install updates / installing updates [CallId = {685C12BB-7AA9-4A31-9620-8F306EEE31C3}]
2014-12-02 15:50:11:516
420 44c
Shutdwn InstallAtShutdown starts.
2014-12-02 15:50:11:516
420 1528
Agent *************
2014-12-02 15:50:11:516
420 1528
Agent ** START ** Agent: Installing updates [CallerId = AutomaticUpdates]
2014-12-02 15:50:11:516
420 1528
Agent *********
2014-12-02 15:50:11:516
420 1528
Agent * Updates to install = 1
2014-12-02 15:50:11:531
420 1528
Agent * Title = Security Update for SQL Server 2012 Service Pack 1 (KB2977326)
2014-12-02 15:50:11:531
420 1528
Agent * UpdateId = {E0D65CC4-3B13-4352-BD89-A28C5F4C5017}.200
2014-12-02 15:50:11:531
420 1528
Agent * Bundles 1 updates:
2014-12-02 15:50:11:531
420 1528
Agent * {C076E757-1A4F-44DB-823B-CFFC07CD7D38}.200
2014-12-02 15:50:11:547
420 16d8
Shutdwn InstallAtShutdown got install progress.
2014-12-02 15:50:12:327
420 d4c
Report CWERReporter finishing event handling. (00000000)
2014-12-02 15:50:20:548
420 44c
AU WARNING: Pending directive, 'Install Approval', is not applicable
2014-12-02 15:50:24:417
420 16d8
Shutdwn InstallAtShutdown got install progress.
2014-12-02 15:50:24:432
420 16d8
Shutdwn InstallAtShutdown got install progress.
2014-12-02 15:50:24:432
420 1528
DnldMgr Preparing update for install, updateId = {C076E757-1A4F-44DB-823B-CFFC07CD7D38}.200.
2014-12-02 15:50:25:119
2052 608
Misc =========== Logging initialized (build: 7.6.7600.320, tz: -0600) ===========
2014-12-02 15:50:25:119
2052 608
Misc = Process: C:\Windows\system32\wuauclt.exe
2014-12-02 15:50:25:119
2052 608
Misc = Module: C:\Windows\system32\wuaueng.dll
2014-12-02 15:50:25:119
2052 608
Handler :::::::::::::
2014-12-02 15:50:25:119
2052 608
Handler :: START :: Handler: Command Line Install
2014-12-02 15:50:25:119
2052 608
Handler :::::::::
2014-12-02 15:50:25:119
2052 608
Handler : Updates to install = 1
2014-12-02 15:50:25:119
420 16d8
Shutdwn InstallAtShutdown got install progress.
2014-12-02 15:52:23:991
420 44c
AU AU setting next sqm report timeout to 2014-12-03 21:52:23
2014-12-02 15:54:39:587
2052 608
Handler : WARNING: Command line install completed. Return code = 0x84b20001, Result = Failed, Reboot required = false
2014-12-02 15:54:39:587
2052 608
Handler : WARNING: Exit code = 0x8024200B
2014-12-02 15:54:39:587
420 16d8
AU >>## RESUMED ## AU: Installing update [UpdateId = {E0D65CC4-3B13-4352-BD89-A28C5F4C5017}]
2014-12-02 15:54:39:587
2052 608
Handler :::::::::
2014-12-02 15:54:39:587
2052 608
Handler :: END :: Handler: Command Line Install
2014-12-02 15:54:39:587
2052 608
Handler :::::::::::::
2014-12-02 15:54:39:587
420 16d8
AU # WARNING: Install failed, error = 0x80070643 / 0x84B20001
2014-12-02 15:54:39:587
420 16d8
Shutdwn InstallAtShutdown got install progress.
2014-12-02 15:54:39:711
420 1528
Report REPORT EVENT: {DFA9CDC8-334A-4E57-9588-77B8E980833D}
2014-12-02 15:54:39:587-0600 1
198 101
{E0D65CC4-3B13-4352-BD89-A28C5F4C5017}
200 80070643
AutomaticUpdates Failure
Content Install Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for SQL Server 2012 Service Pack 1 (KB2977326).
2014-12-02 15:54:39:727
420 1528
Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2014-12-02 15:54:39:727
420 1528
Report WER Report sent: 7.6.7600.320 0x80070643 E0D65CC4-3B13-4352-BD89-A28C5F4C5017 Install 101 Unmanaged
2014-12-02 15:54:39:727
420 1528
Report CWERReporter finishing event handling. (00000000)
2014-12-02 15:54:39:805
420 1528
Agent *********
2014-12-02 15:54:39:805
420 16d8
AU Install call completed.
2014-12-02 15:54:39:805
420 1528
Agent ** END ** Agent: Installing updates [CallerId = AutomaticUpdates]
2014-12-02 15:54:39:805
420 16d8
AU # WARNING: Install call completed, reboot required = No, error = 0x00000000
2014-12-02 15:54:39:805
420 1528
Agent *************
2014-12-02 15:54:39:805
420 16d8
AU #########
2014-12-02 15:54:39:805
420 16d8
AU ## END ## AU: Installing updates [CallId = {685C12BB-7AA9-4A31-9620-8F306EEE31C3}]
2014-12-02 15:54:39:805
420 16d8
AU #############
jim...Hello,
Please examine the Summary.txt log file. The following article may help you locate the file on disk:
http://msdn.microsoft.com/en-us/library/ms143702(v=sql.110).aspx
If you find the sentence “A failure was detected for a previous installation” on the Summary.txt log file, please repair SQL Server using the following article:
http://msdn.microsoft.com/en-us/library/Cc646006(v=sql.110).aspx
If you find other errors, please share the content of the Summary.txt log file with us.
Hope this helps.
Regards,
Alberto Morillo
SQLCoffee.com -
I have used SSRS a lot years ago with Sql Server 2000 and Sql Server 2005. I have written external assemblies, ... But now I have to do this with Sql Server 2008 (R2 -- which I realize I am way behind the times already but ...) in sql server 2000 and
2005 there was a tab for datasource to the left of the tab for design which was to the left of the preview tab. How do I get to the datasource window in sql server 2008 (r2) ?
I see that datasource explorer. But where can I get to the datasource window to edit my queries and so forth for sql server 2008 (R2)?
Thanks
Rich PI think I found the answer to my question --- just right-click on the the Data Sources or Datasets for editing connections and dataset queries. I'm guessing it gets even fancier with Sql Svr 2012 - 2014. Man, that's the one thing
about coding platforms -- you let it go for a few years and come back, and everything has changed (well, a lot of things). Now I need to figure out how to add an external assembly to SSRS 2008 (R2).
Rich P -
Where are SQLDOM.msi and SqlSysClrTypes.msi for SQL 2014?
On the SQL Server 2014 Feature Pack page (http://www.microsoft.com/en-us/download/details.aspx?id=42295), under Data-Tier Application Framework, it says:
Note: Microsoft SQL Server 2014 Data-tier Application Framework requires Microsoft SQL Server System CLR Types, and Microsoft SQL Server Transact-SQL ScriptDom both of which are available on this page.
Those things are on that page but, the files are not links so they cannot be downloaded.
Where can I find SQLDOM.msi and SqlSysClrTypes.msi for SQL Server 2014?Where can I find SQLDOM.msi and SqlSysClrTypes.msi for SQL Server 2014?
Click on the "Download" button, then you can select the packages you want to get:
Olaf Helper
[ Blog] [ Xing] [ MVP] -
Question : Service Accounts for SQL Server 2012
Hello,
I am planning to create AD accounts for SQL Server 2012 services that will be installed on Windows 2012 server.
I was reading the following
Configure Windows Service Accounts and Permissions
and
Windows Privileges and Rights
Is there a recommendation / document that would list that assocation of SQL Server Services with Actvie Directory service accounts / privileges required for installation and starting the services.
Isn't it recommended to create separate account for every service and they should not be local accounts ?
Hope to hear soon as to what industry standards are being followed for production systems ?
Thank you very much in advance.
Regards
NikunjFrom MSDN:
Each service in SQL Server represents a process or a set of processes to manage authentication of SQL Server operations with Windows. Each service can be configured to use its own service account. This facility is exposed
at installation. SQL Server provides a special tool, SQL Server Configuration Manager, to manage the services configuration.
When choosing service accounts, consider the principle of least privilege. The service account should have exactly the privileges that it needs to do its job and no more privileges. You also need to consider account isolation; the service accounts should
not only be different from one another, they should not be used by any other service on the same server. Do not grant additional permissions to the SQL Server service account or the service groups.
From Glen Berry's Blog:
You should request that a dedicated domain user account be created for use by the SQL Server service. This should just be a regular, domain account with no special rights on the domain. You do not need or want this account to be a local admin on the machine
where SQL Server will be installed. The SQL Server setup program will grant the necessary rights on the machine to that account during installation.
You will also want a separate, dedicated domain user account for the SQL Server Agent service. If you are going to be installing and using other SQL Server related services such as SQL Server Integration Services (SSIS), SQL Server Reporting Services (SSRS),
or SQL Server Analysis Services (SSAS), you will want dedicated domain accounts for each service. The reason you want separate accounts for each service is because they require different rights on the local machine, and having separate accounts is both more
secure and more resilient, since a problem with one account won’t affect all of the SQL Server Services.
Depending on your organization, getting these domain accounts created could take anywhere from minutes to weeks to complete, so make sure to allow time for this. For each one of these accounts, you will need their logon credentials for the SQL Server setup
program. You are going to want to make sure that the accounts don’t have a temporary password that must be changed during the next login. If they are set up that way, make sure to change them to use a strong password, and record this information in a secure
location.
Please Mark This As Answer if it solved your issue
Please Mark This As Helpful if it helps to solve your issue
Thanks,
Shashikant -
Hi
i have a sharepoint deployment with one SQL Server (running on VM) hosting the config DB and another SQL Server (Physical Host because VM was running out of space) to host the huge Content DBs. I need to schedule automatic backups of the Content DBs to a
network share. For that i need to run the SQL Server Service with an account having permissions to the share as suggested in https://support.microsoft.com/kb/207187?wa=wsignin1.0
I tried changing the logon as a service account to a domain
account which has permissions to the Network Share and is also in local Administrators group of SQL Server and has "public and sysadmin" roles in SQL Server but that caused an issue. the SharePoint Web Application started showing a White Screen so
I had to revert back to the default accounts i.e. NT Service\SQLSERVERAGENT and NT Service\MSSQLSERVER. I viewed the event logs . These are the types of error i got after changing the logon as a service account to a domain account
1) Information Rights Management (IRM): Retried too many times to initialize IRM client. Cannot retry more. Retried times is:0x5.
System
Provider
[ Name]
Microsoft-SharePoint Products-SharePoint Foundation
[ Guid]
{6FB7E0CD-52E7-47DD-997A-241563931FC2}
EventID
5148
Version
15
Level
2
Task
9
Opcode
0
Keywords
0x4000000000000000
TimeCreated
[ SystemTime]
2015-02-02T04:46:04.750899500Z
EventRecordID
176477
Correlation
[ ActivityID]
{8FACE59C-1E17-50D0-7135-25FDB824CDBE}
Execution
[ ProcessID]
6912
[ ThreadID]
8872
Channel
Application
Computer
Security
[ UserID]
S-1-5-21-876248814-3204482948-604612597-111753
EventData
hex0
0x5
2)
Unknown SQL Exception 0 occurred. Additional error information from SQL Server is included below.
The target principal name is incorrect. Cannot generate SSPI context.
System
Provider
[ Name]
Microsoft-SharePoint Products-SharePoint Foundation
[ Guid]
{6FB7E0CD-52E7-47DD-997A-241563931FC2}
EventID
5586
Version
15
Level
2
Task
3
Opcode
0
Keywords
0x4000000000000000
TimeCreated
[ SystemTime]
2015-02-02T07:01:35.843757700Z
EventRecordID
176490
Correlation
[ ActivityID]
{50B4E59C-5E3A-50D0-7135-22AD91909F02}
Execution
[ ProcessID]
6912
[ ThreadID]
5452
Channel
Application
Computer
Security
[ UserID]
S-1-5-17
EventData
int0
0
string1
The target principal name is incorrect. Cannot generate SSPI context.Hi Aparna,
According to your description, you get the above two errors when scheduling backups of Content DB. Right?
Based on those two error messages, they are related to the service principal name(SPN) for SQL Server service. Please verify the if the SPN is registered successfully. You can view it in ADSI Edit or use command line. Please see:
http://blogs.msdn.com/b/psssql/archive/2010/03/09/what-spn-do-i-use-and-how-does-it-get-there.aspx
When installing SQL Server, those two services below should be registered:
MSSQLSvc/servername:1433
MSSQLSvc/servername
Please check if those SPNs or duplicated SPNs exist. You can use command to reset SPN or remove duplicated SPN and add new one. See:
Setspn.
We have also met this issue when this SPN is registered under Administrator. Please try to register it under Computer. You can add it in ADSI Edit.
If you have any question, please feel free to ask.
Simon Hou
TechNet Community Support -
Group managed service accounts for SQL Server
Hey guys,
Unfortunately I missed that (g/s)MSAs aren't supported yet for SQL Servers but I'm using them without any worries since ages.
As i digged a bit deeper I could find different informations due to the related TechNet entrys. So it seems Microsofts Informations about (s)MSAs and gMSAs aren't consistent.
I'm not a SQL Server guy and use SQL only for System Center testing stuff so i would like to get a real world exps of SQL Server guys.
Should I continue using gMSAs or are there any worries I should know?
some sources I found so far:
Not supported:
"Hi Adam,
Thank you for your feedback. Windows Server 2012 Group Managed Service Account is not currently supported as SQL 2012 released earlier than Windows Server 2012. We will consider to support gMSA in future SQL Server release.
Regards,
Min He, Program Manager, SQL Server"
11.2012 -
https://connect.microsoft.com/SQLServer/feedback/details/767211/gmsa-for-sql-server-failover-Clusters
gMSA are not yet available, are not yet supported for SQL Server. gMSA exist and are available and supported in Windows Server 2012 and higher. SQL does not support them , but
from an OS perspective, they exist and are supported.
http://blogs.msdn.com/b/sqlosteam/archive/2014/02/19/msa-accounts-used-with-sql.aspx
Within the FAQ Task Scheduler isn't supported as well ...
http://technet.microsoft.com/en-us/library/ff641729%28WS.10%29.aspx
... but also PFEs using them for Tasks... this is confusin... 0o
http://blogs.msdn.com/b/arvindsh/archive/2014/02/03/managed-service-accounts-msa-and-sql-2012-practical-tips.aspx
supported?:
Configure Windows Service Accounts and Permissions
... New Account Types Available with Windows 7 and Windows Server 2008 R2
http://technet.microsoft.com/en-us/library/ms143504(v=sql.110).aspx#Default_Accts
The MSA must be created in the Active Directory by the domain administrator before SQL Server setup can use it for SQL Server services.
others sources won't mentioning s/gMSAs...
I couldn't find clear informations about using gMSA for SQL Server 2014.
only the same page which also Looks like the page for 2008 R2 and SQL 2012.
Configure Windows Service Accounts and Permissions
SQL Server 2014
http://msdn.microsoft.com/en-us/library/ms143504.aspx
annoying topic so far... ;)Hi Enrico
aside from what Dan says about the risk for support, on which I agree, the following thread may clear it up a bit:
http://social.msdn.microsoft.com/Forums/sqlserver/en-US/acb2048c-ffce-4d44-b882-6aafc7eb689d/managed-service-accounts-to-run-sql-server-service?forum=sqlsecurity
Andreas Wolter (Blog |
Twitter)
MCM - Microsoft Certified Master SQL Server 2008
MCSM - Microsoft Certified Solutions Master Data Platform, SQL Server 2012
www.andreas-wolter.com |
www.SarpedonQualityLab.com -
WSUS service pack updates for SQL Server 2008 R2
Hello, how do we configure WSUS for SQL Server Service Packs? One problem we have is that we do not see SQL server 2008 R2 SP2 available as a download from our WSUS server and this is when SQL SP1 is installed. Now I can apply these service packs manually
but when we have 100's of virtual machines with different versions and editions of SQL this task can be quite daunting. Suggestions please?
RFDZ12from memory, SQL service packs and CUs are not released via WSUS.
This article is a good reference for (products other than Windows) for what has been released via WSUS:
http://technet.microsoft.com/en-us/windowsserver/bb456965
The equivalent article for Windows releases, is
http://support.microsoft.com/kb/894199
Or, you can check the MU catalog (which doesn't necessarily mean the update is available via WSUS, but if the update you seek in is the MU catalog, you can usually import it into your WSUS)
http://catalog.update.microsoft.com/
some updates for products are not able to be released via WSUS, for various reasons, and so in those cases, you need a different deployment solution.
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
I have downloaded overdrive on my windows 8.1 and authorized it for digital editions How do I download the library book on overdrive to my kobo
This is probably the article that you were referring to with the registry fix:
"Help! After installing Windows 8.1, my USB drive disappears or file transfers
stop unexpectedly..."
This article was updated to state that the registry workaround is no longer required, as the Update has a fix in it. However, you still might want to check the power settings and make sure 'suspend' is disabled.
Hope this helps,
David
Windows Outreach Team - IT Pro
The Springboard Series on TechNet -
Hi,
I have installed the x64 SQL Server 2008 R2 Express with default settings and run MBSA 2.3 (using default settings too). It shows three SQL Server instances: MSSQL10_50.SQLEXPRESS, SQLEXPRESS and SQLEXPRESS (32-bit). For the first, authentication
mode is Windows, for the rest two - mixed. Here https://social.msdn.microsoft.com/Forums/sqlserver/en-US/03e470dc-874d-476d-849b-c805acf5b24d/sql-mbsa-question-on-folder-permission?forum=sqlsecurity question
about such multiple instances was asked and the answer is that "MSSQL10.TEST_DB
is the instance ID for the SQL Server Database Engine of the instance, TEST_DB", so in my case, it seems that MSSQL10_50.SQLEXPRESS is the instance ID for SQL Server Database Engine of the SQLEXPRESS instance.
I have two questions:
1) How can it be that SQL Server DB Engine instance has different authentication mode than corresponding SQL Server Instance?
2) Why 32-bit instance reported although I installed only 64-bit version?
Also, this https://social.technet.microsoft.com/Forums/security/en-US/6b12c019-eaf0-402c-ab40-51d31dce968f/mbsa-23-reporting-sql-32bt-instance-is-running-in-mixed-mode-when-it-is-set-to-integrated?forum=MBSA question seems to be related to this
issue, but there is no answer :(.
Upd: Tried on clean Windows 8 installation and Windows 7 with the same result.Because I DO NOT want the three people who will be having access to the production SQL Server to also have access to the primary host ProductionA. Since I have to allow them to RDC into the box to manage the SQL Server, I figure why not create
a separate VM for each one of them and they can RDC into those instead.
Does this make any sense?
Any tips are greatly appreciated. The main reason for doing this is because the three people who will be accessing the box, I need to isolate each one of them and at the same time keep them off of the primary ProductionA.
Thanks for your help.
M
Hello M,
Since you dont want the 3 guys to have access to Production machine A.You can install SQL Server client .By client i mean SQL server management studio(SSMS) on there local desktop and then create login for them in SQL Server.Open port on which your SQL server
is running for three of the machines so that they can connct.Now with SSMS installed on each machine each can connect to SQL server from there own machine.
I would also like you to be cautious with giving Sysadmin privilege to all three of them ,first please note down what task they would do and then decide what rights to be provided.
Your option will also work but you need to create 3 VM for that .Which is more tedious task.
Hope this helps
Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers -
Increase Performance and ROI for SQL Server Environments
May 2015
Explore
The Buzz from Microsoft Ignite 2015
NetApp was in full force at the recent Microsoft Ignite show in Chicago, talking about solutions for hybrid cloud, and our proven solutions for Microsoft SQL Server and other Microsoft applications.
Hot topics at the NetApp booth included:
OnCommand® Shift. A revolutionary technology that lets you move virtual machines back and forth between VMware and Hyper-V environments in minutes.
Azure Site Recovery to NetApp Private Storage. Replicate on-premises SAN-based applications to NPS for disaster recovery in the Azure cloud.
These tools give you greater flexibility for managing and protecting important business applications.
Chris Lemmons
Director, EIS Technical Marketing, NetApp
If your organization runs databases such as Microsoft SQL Server and Oracle DB, you probably know that these vendors primarily license their products on a "per-core" basis. Microsoft recently switched to "per-core" rather than "per-socket" licensing for SQL Server 2012 and 2014. This change can have a big impact on the total cost of operating a database, especially as core counts on new servers continue to climb. It turns out that the right storage infrastructure can drive down database costs, increase productivity, and put your infrastructure back in balance.
In many customer environments, NetApp has noticed that server CPU utilization is low—often on the order of just 20%. This is usually the result of I/O bottlenecks. Server cores have to sit and wait for I/O from hard disk drives (HDDs). We've been closely studying the impact of all-flash storage on SQL Server environments that use HDD-based storage systems. NetApp® All Flash FAS platform delivers world-class performance for SQL Server plus the storage efficiency, application integration, nondisruptive operations, and data protection of clustered Data ONTAP®, making it ideal for SQL Server environments.
Tests show that All Flash FAS can drive up IOPS and database server CPU utilization by as much as 4x. And with a 95% reduction in latency, you can achieve this level of performance with half as many servers. This reduces the number of servers you need and the number of cores you have to license, driving down costs by 50% or more and paying back your investment in flash in as little as six months.
Figure 1) NetApp All Flash FAS increases CPU utilization on your SQL Server database servers, lowering costs.
Source: NetApp, 2015
Whether you're running one of the newer versions of SQL Server or facing an upgrade of an earlier version, you can't afford not to take a second look at your storage environment.
End of Support for Microsoft SQL Server 2005 is Rapidly Approaching
Microsoft has set the end of extended support for SQL Server 2005 for April 2016—less than a year away. With support for Microsoft Windows 2003 ending in July 2015, time may already be running short.
If you're running Windows Server 2003, new server hardware is almost certainly needed when you upgrade SQL Server. Evaluate your server and storage options now to get costs under control.
Test Methodology
To test the impact of flash on SQL Server performance, we replaced a legacy HDD-based storage system with an All Flash FAS AFF8080 EX. The legacy system was configured with almost 150 HDDs, a typical configuration for HDD storage supporting SQL Server. The AFF8080 EX used just 48 SSDs.
Table 1) Components used in testing.
Test Configuration Components
Details
SQL Server 2014 servers
Fujitsu RX300
Server operating system
Microsoft Windows 2012 R2 Standard Edition
SQL Server database version
Microsoft SQL Server 2014 Enterprise Edition
Processors per server
2 6-core Xeon E5-2630 at 2.30 GHz
Fibre channel network
8Gb FC with multipathing
Storage controller
AFF8080 EX
Data ONTAP version
Clustered Data ONTAP® 8.3.1
Drive number and type
48 SSD
Source: NetApp, 2015
The test configuration consisted of 10 database servers connected through fibre channel to both the legacy storage system and the AFF8080 EX. Each of the 10 servers ran SQL Server 2014 Enterprise Edition.
The publicly available HammerDB workload generator was used to drive an OLTP-like workload simultaneously from each of the 10 database servers to storage. We first directed the workload to the legacy storage array to establish a baseline, increasing the load to the point where read latency consistently exceeded 20ms.
That workload was then directed at the AFF8080 EX. The change in storage resulted in an overall 20x reduction in read latency, a greater than 4x improvement in IOPS, and a greater than 4x improvement in database server CPU utilization.
Figure 2) NetApp All Flash FAS increases IOPS and server CPU utilization and lowers latency.
Source: NetApp, 2015
In other words, the database servers are able to process four times as many IOPS with dramatically lower latency. CPU utilization goes up accordingly because the servers are processing 4x the work per unit time.
The All Flash FAS system still had additional headroom under this load.
Calculating the Savings
Let's look at what this performance improvement means for the total cost of running SQL Server 2014 over a 3-year period. To do the analysis we used NetApp Realize, a storage modeling and financial analysis tool designed to help quantify the value of NetApp solutions and products. NetApp sales teams and partners use this tool to assist with return on investment (ROI) calculations.
The calculation includes the cost of the AFF8080 EX, eliminates the costs associated with the existing storage system, and cuts the total number of database servers from 10 to five. This reduces SQL Server licensing costs by 50%. The same workload was run with five servers and achieved the same results. ROI analysis is summarized in Table 2.
Table 2) ROI from replacing an HDD-based storage system with All Flash FAS, thereby cutting server and licensing costs in half.
Value
Analysis Results
ROI
65%
Net present value (NPV)
$950,000
Payback period
six months
Total cost reduction
More than $1 million saved over a 3-year analysis period compared to the legacy storage system
Savings on power, space, and administration
$40,000
Additional savings due to nondisruptive operations benefits (not included in ROI)
$90,000
Source: NetApp, 2015
The takeaway here is that you can replace your existing storage with All Flash FAS and get a big performance bump while substantially reducing your costs, with the majority of the savings derived from the reduction in SQL Server licensing costs.
Replace your existing storage with All Flash FAS and get a big performance bump while substantially reducing your costs.
Maximum SQL Server 2014 Performance
In addition to the ROI analysis, we also measured the maximum performance of the AFF8080 EX with SQL Server 2014. A load-generation tool was used to simulate an industry-standard TPC-E OLTP workload against an SQL Server 2014 test configuration.
A two-node AFF8080 EX achieved a maximum throughput of 322K IOPS at just over 1ms latency. For all points other than the maximum load point, latency was consistently under 1ms and remained under 0.8ms up to 180K IOPS.
Data Reduction and Storage Efficiency
In addition to performance testing, we looked at the overall storage efficiency savings of our SQL Server database implementation. The degree of compression that can be achieved is dependent on the actual data that is written and stored in the database. For this environment, inline compression was effective. Deduplication, as is often the case in database environments, provided little additional storage savings and was not enabled.
For the test data used in the maximum performance test, we measured a compression ratio of 1.5:1. We also tested inline compression on a production SQL Server 2014 data set to further validate these results and saw a 1.8:1 compression ratio.
Space-efficient NetApp Snapshot® copies provide additional storage efficiency benefits for database environments. Unlike snapshot methods that use copy-on-write, there is no performance penalty; unlike full mirror copies, NetApp Snapshot copies use storage space sparingly. Snapshot copies only consume a small amount of storage space for metadata and additional incremental space is consumed as block-level changes occur. In a typical real-world SQL Server deployment on NetApp storage, database volume Snapshot copies are made every two hours.
First introduced more than 10 years ago, NetApp FlexClone® technology also plays an important role in SQL Server environments. Clones are fully writable, and, similar to Snapshot copies, only consume incremental storage capacity. With FlexClone, you can create as many copies of production data as you need for development and test, reporting, and so on. Cloning is a great way to support the development and test work needed when upgrading from an earlier version of SQL Server. You'll sometimes see these types of capabilities referred to as "copy data management."
A Better Way to Run Enterprise Applications
The performance benefits that all-flash storage can deliver for database environments are significant: more IOPS, lower latency, and an end to near-constant performance tuning.
If you think the performance acceleration that comes with all-flash storage is cost prohibitive, think again. All Flash FAS doesn't just deliver a performance boost, it changes the economics of your operations, paying for itself with thousands in savings on licensing and server costs. In terms of dollars per IOPS, All Flash FAS is extremely economical relative to HDD.
And, because All Flash FAS runs NetApp clustered Data ONTAP, it delivers the most complete environment to support SQL Server and all your enterprise applications with capabilities that include comprehensive storage efficiency, integrated data protection, and deep integration for your applications.
For complete details on this testing look for NetApp TR-4303, which will be available in a few weeks. Stay tuned to Tech OnTap for more information as NetApp continues to run benchmarks with important server workloads including Oracle DB and server virtualization.
Learn more about NetApp solutions for SQL Server and NetApp All-flash solutions.
Quick Links
Tech OnTap Community
Archive
PDFMay 2015
Explore
The Buzz from Microsoft Ignite 2015
NetApp was in full force at the recent Microsoft Ignite show in Chicago, talking about solutions for hybrid cloud, and our proven solutions for Microsoft SQL Server and other Microsoft applications.
Hot topics at the NetApp booth included:
OnCommand® Shift. A revolutionary technology that lets you move virtual machines back and forth between VMware and Hyper-V environments in minutes.
Azure Site Recovery to NetApp Private Storage. Replicate on-premises SAN-based applications to NPS for disaster recovery in the Azure cloud.
These tools give you greater flexibility for managing and protecting important business applications.
Chris Lemmons
Director, EIS Technical Marketing, NetApp
If your organization runs databases such as Microsoft SQL Server and Oracle DB, you probably know that these vendors primarily license their products on a "per-core" basis. Microsoft recently switched to "per-core" rather than "per-socket" licensing for SQL Server 2012 and 2014. This change can have a big impact on the total cost of operating a database, especially as core counts on new servers continue to climb. It turns out that the right storage infrastructure can drive down database costs, increase productivity, and put your infrastructure back in balance.
In many customer environments, NetApp has noticed that server CPU utilization is low—often on the order of just 20%. This is usually the result of I/O bottlenecks. Server cores have to sit and wait for I/O from hard disk drives (HDDs). We've been closely studying the impact of all-flash storage on SQL Server environments that use HDD-based storage systems. NetApp® All Flash FAS platform delivers world-class performance for SQL Server plus the storage efficiency, application integration, nondisruptive operations, and data protection of clustered Data ONTAP®, making it ideal for SQL Server environments.
Tests show that All Flash FAS can drive up IOPS and database server CPU utilization by as much as 4x. And with a 95% reduction in latency, you can achieve this level of performance with half as many servers. This reduces the number of servers you need and the number of cores you have to license, driving down costs by 50% or more and paying back your investment in flash in as little as six months.
Figure 1) NetApp All Flash FAS increases CPU utilization on your SQL Server database servers, lowering costs.
Source: NetApp, 2015
Whether you're running one of the newer versions of SQL Server or facing an upgrade of an earlier version, you can't afford not to take a second look at your storage environment.
End of Support for Microsoft SQL Server 2005 is Rapidly Approaching
Microsoft has set the end of extended support for SQL Server 2005 for April 2016—less than a year away. With support for Microsoft Windows 2003 ending in July 2015, time may already be running short.
If you're running Windows Server 2003, new server hardware is almost certainly needed when you upgrade SQL Server. Evaluate your server and storage options now to get costs under control.
Test Methodology
To test the impact of flash on SQL Server performance, we replaced a legacy HDD-based storage system with an All Flash FAS AFF8080 EX. The legacy system was configured with almost 150 HDDs, a typical configuration for HDD storage supporting SQL Server. The AFF8080 EX used just 48 SSDs.
Table 1) Components used in testing.
Test Configuration Components
Details
SQL Server 2014 servers
Fujitsu RX300
Server operating system
Microsoft Windows 2012 R2 Standard Edition
SQL Server database version
Microsoft SQL Server 2014 Enterprise Edition
Processors per server
2 6-core Xeon E5-2630 at 2.30 GHz
Fibre channel network
8Gb FC with multipathing
Storage controller
AFF8080 EX
Data ONTAP version
Clustered Data ONTAP® 8.3.1
Drive number and type
48 SSD
Source: NetApp, 2015
The test configuration consisted of 10 database servers connected through fibre channel to both the legacy storage system and the AFF8080 EX. Each of the 10 servers ran SQL Server 2014 Enterprise Edition.
The publicly available HammerDB workload generator was used to drive an OLTP-like workload simultaneously from each of the 10 database servers to storage. We first directed the workload to the legacy storage array to establish a baseline, increasing the load to the point where read latency consistently exceeded 20ms.
That workload was then directed at the AFF8080 EX. The change in storage resulted in an overall 20x reduction in read latency, a greater than 4x improvement in IOPS, and a greater than 4x improvement in database server CPU utilization.
Figure 2) NetApp All Flash FAS increases IOPS and server CPU utilization and lowers latency.
Source: NetApp, 2015
In other words, the database servers are able to process four times as many IOPS with dramatically lower latency. CPU utilization goes up accordingly because the servers are processing 4x the work per unit time.
The All Flash FAS system still had additional headroom under this load.
Calculating the Savings
Let's look at what this performance improvement means for the total cost of running SQL Server 2014 over a 3-year period. To do the analysis we used NetApp Realize, a storage modeling and financial analysis tool designed to help quantify the value of NetApp solutions and products. NetApp sales teams and partners use this tool to assist with return on investment (ROI) calculations.
The calculation includes the cost of the AFF8080 EX, eliminates the costs associated with the existing storage system, and cuts the total number of database servers from 10 to five. This reduces SQL Server licensing costs by 50%. The same workload was run with five servers and achieved the same results. ROI analysis is summarized in Table 2.
Table 2) ROI from replacing an HDD-based storage system with All Flash FAS, thereby cutting server and licensing costs in half.
Value
Analysis Results
ROI
65%
Net present value (NPV)
$950,000
Payback period
six months
Total cost reduction
More than $1 million saved over a 3-year analysis period compared to the legacy storage system
Savings on power, space, and administration
$40,000
Additional savings due to nondisruptive operations benefits (not included in ROI)
$90,000
Source: NetApp, 2015
The takeaway here is that you can replace your existing storage with All Flash FAS and get a big performance bump while substantially reducing your costs, with the majority of the savings derived from the reduction in SQL Server licensing costs.
Replace your existing storage with All Flash FAS and get a big performance bump while substantially reducing your costs.
Maximum SQL Server 2014 Performance
In addition to the ROI analysis, we also measured the maximum performance of the AFF8080 EX with SQL Server 2014. A load-generation tool was used to simulate an industry-standard TPC-E OLTP workload against an SQL Server 2014 test configuration.
A two-node AFF8080 EX achieved a maximum throughput of 322K IOPS at just over 1ms latency. For all points other than the maximum load point, latency was consistently under 1ms and remained under 0.8ms up to 180K IOPS.
Data Reduction and Storage Efficiency
In addition to performance testing, we looked at the overall storage efficiency savings of our SQL Server database implementation. The degree of compression that can be achieved is dependent on the actual data that is written and stored in the database. For this environment, inline compression was effective. Deduplication, as is often the case in database environments, provided little additional storage savings and was not enabled.
For the test data used in the maximum performance test, we measured a compression ratio of 1.5:1. We also tested inline compression on a production SQL Server 2014 data set to further validate these results and saw a 1.8:1 compression ratio.
Space-efficient NetApp Snapshot® copies provide additional storage efficiency benefits for database environments. Unlike snapshot methods that use copy-on-write, there is no performance penalty; unlike full mirror copies, NetApp Snapshot copies use storage space sparingly. Snapshot copies only consume a small amount of storage space for metadata and additional incremental space is consumed as block-level changes occur. In a typical real-world SQL Server deployment on NetApp storage, database volume Snapshot copies are made every two hours.
First introduced more than 10 years ago, NetApp FlexClone® technology also plays an important role in SQL Server environments. Clones are fully writable, and, similar to Snapshot copies, only consume incremental storage capacity. With FlexClone, you can create as many copies of production data as you need for development and test, reporting, and so on. Cloning is a great way to support the development and test work needed when upgrading from an earlier version of SQL Server. You'll sometimes see these types of capabilities referred to as "copy data management."
A Better Way to Run Enterprise Applications
The performance benefits that all-flash storage can deliver for database environments are significant: more IOPS, lower latency, and an end to near-constant performance tuning.
If you think the performance acceleration that comes with all-flash storage is cost prohibitive, think again. All Flash FAS doesn't just deliver a performance boost, it changes the economics of your operations, paying for itself with thousands in savings on licensing and server costs. In terms of dollars per IOPS, All Flash FAS is extremely economical relative to HDD.
And, because All Flash FAS runs NetApp clustered Data ONTAP, it delivers the most complete environment to support SQL Server and all your enterprise applications with capabilities that include comprehensive storage efficiency, integrated data protection, and deep integration for your applications.
For complete details on this testing look for NetApp TR-4303, which will be available in a few weeks. Stay tuned to Tech OnTap for more information as NetApp continues to run benchmarks with important server workloads including Oracle DB and server virtualization.
Learn more about NetApp solutions for SQL Server and NetApp All-flash solutions.
Quick Links
Tech OnTap Community
Archive
PDF -
Download for SQL Server machine running Windows Server 2008 Enterprise SP2
I am confused what 11g product to download and how to configure for the above server. I just need for SQL Server 2008 to be able to communicate with some Oracle databases. I don't need to manage the Oracle database, nor do I need to create one. I just need to be able to create linked servers, use SQL Plus, and create some SSIS or DTS packages that will bring Oracle data into the SQL Server. I think I just need the client, but for 11g, I see it is less than 1GB in size. I am afraid I may be missing something because I thought the client downloads were about 2GB, but the 2GB downloads are not called "client". This is a 64bit machine running an Intel Xeon X7460 chip.
Our server has a C:\, D:\, and E:\ drive on it. The data (.mdf) is on drive E:\. The normal environment is on C:\ like usual. I also need to know if I need to set environment variables which I read about, but am not sure how to set them and make them stay, or if the software does that.
As an aside, I tried installing a 10g on there that the DBA downloaded and could never get it to work, although I was successful in getting tnsping to work, but SQLPlusW would close on me when I tried to connect and SQLPlus failed with some error but can't remember what right now. I uninstalled it. I think it may have been the wrong download.
I would appreciate any info at all, even if you don't know about everything said here.
I have a link here where I think I am close, but I still am not sure. Let me know if this is correct and which link to click. If I am wrong, please provide the correct link if you can. Thank you.
[http://www.oracle.com/technetwork/database/enterprise-edition/downloads/112010-win64soft-094461.html]
Edited by: user486992 on Oct 20, 2010 11:07 AMHi,
To integrate Oracle with SQL server you need the following
Install Oracle 11g Release 2 client software
Install Oracle 11g Release 2 ODAC software
Restart SQL services
Configure OraOLEDB.Oracle provider
Create linked server
Add remote logins for linked server
see this links
http://www.mssqltips.com/tip.asp?tip=1433
http://www.easysoft.com/applications/oracle/database-gateway-dg4odbc.html :) -
JDBC driver for SQL Server 2000 with windows authentication
Does anyone know of a JDBC driver for SQL Server 2000 that supports Windows Authentication, that is that a username and password does not need to be supplied when connecting to the database.
You can use the JDBC-ODBC-Bridge.
ODBC provides windows-authentication.
Hope it helps.
Freddy -
Creating a windows cluster 2012 for sql server 2012 clustered installation
Hello,
I am trying to create a windows cluster for sql server 2012 clustering on windows server 2012 R2 standard edition-64bit OS
when i perform the test after adding the cluster nodes i get this warning on networking.:Validate the servers can communicate
do i have to enable UDP port 1434?
I enabled ports 3343 on both the server but i still get the error.Please see the image below .Please suggest.
Thank you.
luckyDo you have installed one SQL Server instance on the node?
http://blogs.technet.com/b/meamcs/archive/2013/02/15/sql-2012-failover-cluster-build-step-by-step-part-1-installing-sql-2012.aspx
Best Regards,Uri Dimant SQL Server MVP,
http://sqlblog.com/blogs/uri_dimant/
MS SQL optimization: MS SQL Development and Optimization
MS SQL Consulting:
Large scale of database and data cleansing
Remote DBA Services:
Improves MS SQL Database Performance
SQL Server Integration Services:
Business Intelligence -
Hello everyone.
I'm using SQL Server 2014, and writting on some C++ app to query and modify the database. I use the ODBC API.
I'm stuck on inserting an SQL_NUMERIC_STRUCT value into the database, if the corresponding database-column has a scale set.
For test-purposes: I have a Table named 'decTable' that has a column 'id' (integer) and a column 'dec' (decimal(5,3))
In the code I basically do:
1. Connect to the DB, get the handles, etc.
2. Use SQLBindParameter to bind a SQL_NUMERIC_STRUCT to a query with parameter markers. Note that I do include the information about precision and scale, something like: SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_NUMERIC, SQL_NUMERIC, 5, 3, &numStr,
sizeof(cbNum), &cbNum);
3. Prepare a Statement to insert values, something like: SQLPrepare(hstmt, L"INSERT INTO decTable (id, dec) values(?, ?)", SQL_NTS);
4. Set some valid data on the SQL_NUMERIC_STRUCT
5. Call SQLExecute to execute. But now I get the error:
SQLSTATE: 22003; nativeErr: 0 Msg: [Microsoft][ODBC Driver 11 for SQL Server]Numeric value out of range
I dont get it what I am doing wrong. The same code works fine against IBM DB2 and MySql. I also have no problems reading a SQL_NUMERIC_STRUCT using SQLBindCol(..) and the various SQLSetDescField to define the scale and precision.
Is there a problem in the ODBC Driver of the SQL Server 2014?
For completeness, here is a working c++ example:
// InsertNumTest.cpp
// create database using:
create a table decTable with an id and a decimal(5,3) column:
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TABLE[dbo].[decTable](
[id][int] NOT NULL,
[dec][decimal](5, 3) NULL,
CONSTRAINT[PK_decTable] PRIMARY KEY CLUSTERED
[id] ASC
)WITH(PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON[PRIMARY]
) ON[PRIMARY]
GO
// Then create an odbc DSN entry that can be used:
#define DSN L"exOdbc_SqlServer_2014"
#define USER L"exodbc"
#define PASS L"testexodbc"
// system
#include <iostream>
#include <tchar.h>
#include <windows.h>
// odbc-things
#include <sql.h>
#include <sqlext.h>
#include <sqlucode.h>
void printErrors(SQLSMALLINT handleType, SQLHANDLE h)
SQLSMALLINT recNr = 1;
SQLRETURN ret = SQL_SUCCESS;
SQLSMALLINT cb = 0;
SQLWCHAR sqlState[5 + 1];
SQLINTEGER nativeErr;
SQLWCHAR msg[SQL_MAX_MESSAGE_LENGTH + 1];
while (ret == SQL_SUCCESS || ret == SQL_SUCCESS_WITH_INFO)
msg[0] = 0;
ret = SQLGetDiagRec(handleType, h, recNr, sqlState, &nativeErr, msg, SQL_MAX_MESSAGE_LENGTH + 1, &cb);
if (ret == SQL_SUCCESS || ret == SQL_SUCCESS_WITH_INFO)
std::wcout << L"SQLSTATE: " << sqlState << L"; nativeErr: " << nativeErr << L" Msg: " << msg << std::endl;
++recNr;
void printErrorsAndAbort(SQLSMALLINT handleType, SQLHANDLE h)
printErrors(handleType, h);
getchar();
abort();
int _tmain(int argc, _TCHAR* argv[])
SQLHENV henv = SQL_NULL_HENV;
SQLHDBC hdbc = SQL_NULL_HDBC;
SQLHSTMT hstmt = SQL_NULL_HSTMT;
SQLHDESC hdesc = SQL_NULL_HDESC;
SQLRETURN ret = 0;
// Connect to DB
ret = SQLAllocHandle(SQL_HANDLE_ENV, NULL, &henv);
ret = SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (SQLPOINTER)SQL_OV_ODBC3, SQL_IS_INTEGER);
ret = SQLAllocHandle(SQL_HANDLE_DBC, henv, &hdbc);
ret = SQLConnect(hdbc, (SQLWCHAR*)DSN, SQL_NTS, USER, SQL_NTS, PASS, SQL_NTS);
if (!SQL_SUCCEEDED(ret))
printErrors(SQL_HANDLE_DBC, hdbc);
getchar();
return -1;
ret = SQLAllocHandle(SQL_HANDLE_STMT, hdbc, &hstmt);
// Bind id as parameter
SQLINTEGER id = 0;
SQLINTEGER cbId = 0;
ret = SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_SLONG, SQL_INTEGER, 0, 0, &id, sizeof(id), &cbId);
if (!SQL_SUCCEEDED(ret))
printErrorsAndAbort(SQL_HANDLE_STMT, hstmt);
// Bind numStr as Insert-parameter
SQL_NUMERIC_STRUCT numStr;
ZeroMemory(&numStr, sizeof(numStr));
SQLINTEGER cbNum = 0;
ret = SQLBindParameter(hstmt, 2, SQL_PARAM_INPUT, SQL_C_NUMERIC, SQL_NUMERIC, 5, 3, &numStr, sizeof(cbNum), &cbNum);
if (!SQL_SUCCEEDED(ret))
printErrorsAndAbort(SQL_HANDLE_STMT, hstmt);
// Prepare statement
ret = SQLPrepare(hstmt, L"INSERT INTO decTable (id, dec) values(?, ?)", SQL_NTS);
if (!SQL_SUCCEEDED(ret))
printErrorsAndAbort(SQL_HANDLE_STMT, hstmt);
// Set some data and execute
id = 1;
SQLINTEGER iVal = 12345;
memcpy(numStr.val, &iVal, sizeof(iVal));
numStr.precision = 5;
numStr.scale = 3;
numStr.sign = 1;
ret = SQLExecute(hstmt);
if (!SQL_SUCCEEDED(ret))
printErrorsAndAbort(SQL_HANDLE_STMT, hstmt);
getchar();
return 0;This post might help:
http://msdn.developer-works.com/article/12639498/SQL_C_NUMERIC+data+incorrect+after+insert
If this is no solution try increasing the decimale number on the SQL server table, if you stille have the same problem after that change the column to a nvarchar and see the actual value that is put through the ODBC connector for SQL.
Maybe you are looking for
-
How do I tell if a user profile is marked for deletion?
This is likely a question with a simple answer, but searching through Google and here hasn't helped. How do I tell if a user profile has been marked for deletion? Will it appear in the "Manager User Profiles" area of the User Profile Service Applicat
-
Service order - Blocked for credit check
Hello , I have a scenario where the service order will be created with reference to sales order and the credit check is active both for the sales order and the service order. we are releasing the sales order from credit block in VKM1 , but still t
-
Type-ahead like in address book?
I'm developing a simple app that displays a list, on selection the item details are displayed. Since the list is very long, I'm looking for type-ahead capability like the address book has (e.g. on 6310i). Is this possible with MIDP? Thanks, Andi
-
Hey I have been working with a JVC GY-111 camera and FCP5. When I go to capture the footage I have the problem of the camera being recognised etc. etc. and I have been using DVHScap to capture it and then Mpeg streamclip to bring it into FCP as a qui
-
I am having untold amounts of trouble with the home hub (2), its awful! Whenever we watch a video streamed over the network, the hub boots all devices (2 laptops, pc and ps3 though not all on at the same time) off the network and does not let you acc