How to manage SQL Server security with SQL Source Control

How to manage SQL Server security with SQL Source Control

One of the most common issue you can find when source controlling the database is about the security. How to manage the users and the related permissions?

If you use to apply permission to users and to assign users to the database, this can be a problem, especially when you are in the deployment phase (or else when getting latest versions from the source control). Let’s see these two scenarios:

Continue reading

SQL Server latest Updates (Jul. 2015)

Directly from the Microsoft Release Service blog, here is the list of latest updates for SQL Server 2012 SP2:

Cumulative Updates #7 for SQL Server 2012 SP2

You can download SQL Server Management Studio july release preview (release notes).

This month a security bulletin (MS15-058) was released also, more details on a previous post here.

Stay Tuned! :)

SQL Server Security Bulletin MS15-058 Released

A SQL Server security bulletin (MS15-058) was released yesterday (14-Jul-2015).
This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address. This leads to a function call to uninitialized memory.
It applies to:
  • SQL Server 2008
  • SQL Server 2008 R2
  • SQL Server 2012
  • SQL Server 2014

If you feel confused about what version is affected, please read the blog post by Aaron Bertrand (an useful matrix here).

The KB is the #3065718, more details here.

 

Stay Tuned! :)

SQL Server Infernals – Circle 4: Anarchic Designers

Originally posted on spaghettidba:

Infernals

Constraints are sometimes annoying in real life, but no society can exist without rules and regulations. The same concept is found in Database Design: no good data can exist without constraints.

What they say in Heaven

Constraints define what is acceptable in the database and what does not comply with business rules. In Heaven, where the perfect database runs smoothly, no constraint is overlooked and all the data obeys to the rules of angels:

  • Every column accepts only the data it was meant for, using the appropriate data type
  • Every column that requires a value has a NOT NULL constraint
  • Every column that references a key in a different table has a FOREIGN KEY constraint
  • Every column that must comply with a business rule has a CHECK constraint
  • Every column that must be populated with a predefined value has a DEFAULT constraint
  • Every table has a PRIMARY KEY constraint
  • Every…

View original 498 more words

SQL Server Infernals – Circle 3: Shaky Typers

Originally posted on spaghettidba:

Infernals

Choosing the right data type for your columns is first of all a design decision that has tremendous impact on the correctness of the database schema. It is not just about performance or space usage: the data type is the first constraint on your data and it decides what can be persisted in your columns and what is not acceptable.

Choosing the wrong data type for your columns is a mistake that might make your life as a DBA look like hell.

What they say in Heaven

Guided by angelic spells, the hands that design databases in Heaven always choose the right data type. Database architects always look at the logical schema and ask the right questions about each attribute and they always manage to understand what the attribute is used for and what it will be used for in the future.

What will put you to hell

Choosing the…

View original 994 more words

SQL Server latest Updates (Jun. 2015)

SQL Server latest Updates (Jun. 2015)

Directly from the Microsoft Release Service blog, here is the list of latest updates for SQL Server 2014 RTM and SP1:

Cumulative Updates #8 for SQL Server 2014 RTM

Cumulative Updates #1 for SQL Server 2014 SP1

Additionally, you can download the new SQL Server Management Studio.  As in the Microsoft Release Service blog, the SQL Server Engineering Team says: “we are delighted to announce our first “preview” release of SQL Server Management Studio!  This is our first effort to release SQL Server Management Studio (SSMS) in a mechanism outside of the SQL Engine releases.  Our goal is to update this frequently with new features, fixes and support for the newest SQL Server features in SQL Server Engine and Azure SQL Database

Stay Tuned! :)