SansSQL

Saturday, March 7, 2015

Suggested ways to manage SQL server password - A Guest Post by Jyoti Prakash

Security management of SQL server is equally important and you must know that how to manage it. The most initial step to make your SQL server authentic is password security, which required management. Whether it is server or database, all the roles are simplified by security administration by allowing every individual user inherit permissions granted, denied, or abolished to those roles. Although there are multiple areas where user has to put the passwords, which require a proper handling.

SA account is a special login, which is provided for the complete backward compatibility. It is assigned to system admin to fix the roles, which cannot be changed. Therefore, SA account is the most often attacked account and deserves special attention. Here in this article you will get to know about the various rules to manage your SA password. Make sure your password must be random, complex, long and most important not used for multiple instances.
If you are looking for an efficient way to manage your passwords, it is advisable that follow the given techniques to keep track of all your passwords, in case of multiple servers you must use them. There could be multiple ways, here are some of them:

Store Password list
If your number of passwords count is manageable then you can just list them on a sheet and store that hard copy in a safe location. It is advisable that do not store the soft copy of this document as it could be a security risk. This is a very secured way to manage passwords, but could be risky if you have lost the hard copy.

Somewhere this method is not very convenient way to manage passwords as at the time of changing passwords, you have to immediately access this list. If in that case you are not in the situation to access this list. Then this list might become incomplete or become wrong over the time. Therefore, it is recommended that you should opt this method only if you have a reliable and diligent person to take care of this list.

Use Cloud storage
If your organization distributes teams with a rich number of users then, it would be difficult for you to manage all the passwords in the hard copy format. Therefore, to manage such large number of password list you can use several cloud based password management systems that let you to share passwords with the entire team. Many password management tools allow you to your passwords locally so that no one can access your passwords except authenticated users, ever if any other organization using the same password management service.

Local Password storage
Some people do not believe on cloud systems, if you are the one, then a local password store like KeePass, Password Safe, might make more sense to you. Such local password store facilitates multiple powerful features, which make them most trustable and secured ways to manage passwords.

With these tools the password store in encrypted format on a local system. To encrypt the stored password keys, tool uses powerful algorithms that make it infeasible for the attacker. These passwords are handled in such a manner that the system memory will also never store an unencrypted password.
However, these tools also have some shortcomings as well, but in terms of security they are much better.

Enterprise Password Managers
If you belongs to a really big enterprise and have number of servers to manage then enterprise password management tools might be the best thing you are looking for.

An Enterprise password manager not only used to store the passwords, however, they provide various other features as well. This tool can automatically manage access auditing and temporary access. This tool can also allow people to quickly access in case of emergency at the time of creating a 'loud' audit entry as well as sending relevant notifications to the authenticated people.
These tools can also schedule the time for regular password change. For example, you can use this feature to change your SA passwords on monthly or quarterly basis without any user interaction.

Do not use Password
In case you do not feel that there is a requirement of any password, so for this SQL Server also has a feature to disable its Authentication. If this is what you required then your all the authentication and password management system completely depends upon Active Directory. In this mode, you are allowed to control anyone's access up to a particular limit by just including the account into the appropriate AD group, this action can be easily analyzed. Additionally, You will also have a simple process to take all those accounts back out of those groups after a particular interval.

The best advantage of this approach is, that you do not have to manage multiple passwords therefore do not have any risk of security in terms of loss passwords. Here you can easily disable SQL Authentication, therefore, can say that it is the most secured way to handle sysadmin access to your SQL Server instances. Although it is not applicable in every case but this option is surely a considered to a good one.

Conclusion:
In the above mentioned information, you can see various ways to manage your SQL Server SA passwords. Each technique has its own pros and cons, so you have to choose the one according to your requirements. However, in case after following a proper way you have lost your password due to any reason then there are professionalSQL password recovery tools available that can access SQL master database file and allow you to reset your lost or forgotten SQL SA and other individual user passwords. You can choose a reputed and reliable product if you are facing any of such problems. 

About Jyoti Prakash
Jyoti is a Sr. DBA - SQL Server at Stellar Data Recovery and has written several article on SQL Server disaster recovery planning & fixing. In addition, she spend her time on Technical forums helping people with the issues related to SQL server.
Related Posts Widget For Blogger with ThumbnailsBlogger Templates

Friday, December 26, 2014

The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement.

You might get the following error when trying to connect to an newly installed SQL Server 2014 instance.
The error says "The timeout period elapsed while attempting to consume the pre-login handshake acknowledgement."


This is because the server on which SQL server is installed, is denying the client connections to SQL Server.
To fix this error, allow connections to the SQL Server Port in the firewall.

Saturday, November 15, 2014

Import data from SharePoint Online

It's all cloud could and cloud now-a-days. Everyone are moving towards the cloud for making life easier.
In this post I will be explaining on how to extract/Import data from SharePoint Lists which is hosted on SharePoint Online of Office 365 using SSIS.
There is no direct way to connect to the SharePoint Online using SSIS.
For connecting to SharePoint Online using SSIS, we need the below components installed before stating.
  1. Microsoft OData Source for Microsoft SQL Server 2012
    Download from http://www.microsoft.com/en-in/download/details.aspx?id=42280
  2. SharePoint Server 2013 Client Components SDK
    Download from http://www.microsoft.com/en-in/download/details.aspx?id=35585 
Microsoft OData Source for Microsoft SQL Server 2012 is the SSIS component which we use as source connection to the Sharepoint Online Lists and SharePoint Server 2013 Client Components SDK allows us to connect to Sharepoint Online.

Once you download and Install both the components, 
  1. Open the Visual Studio and create a new Integration Services Package
  2. Drag and Drop "Data Flow Task"
  3. In the "Data Flow Task" Drag and Drop "OData Source"
  4. Right-Click on "OData Source" and Click Edit
  5. Enter the "Connection Manager Name" and "Service Document Location" For Service Document Location, append "/_vti_bin/listdata.svc" to the SharePoint site
    For Office 365, we need to use "User this user name and password"
  6. Click "All" and change the "Microsoft Online Services Authentication" to True
  7. Click "Test Connection"
  8. Click "OK"
  9. Then Choose "Collection" in "User Collection or resource path"
  10. In the "Collection" choose the list you want to import
  11. When you click on "Preview..." you will be able to see the data from the list
  12. Now add the destination connection and run the package to import data from the SharePoint Online list

Tuesday, October 14, 2014

Error while connecting to SQL Server Instance on a Windows Azure Machine from local SQL Server Management Studio

When you try to connect to an SQL Server Instance hosted on Windows Azure, it works perfectly fine from within the server or through Azure management portal.
However, when you try to connect to the same instance from an local SQL Server Management studio, you get the below error which says "The connection string is not valid. The parameter is incorrect"

This is because, the name of the server specified will be wrong. For connecting to the instance hosted on azure, the server name we specify is slightly different from what we specify regularly.

Make sure the connection details you specify is as below.

Server type:  Database Engine
Server name: tcp:<servername>.cloudapp.net,<DB Port Number> OR tcp:<servername>.database.windows.net
Authentication:  SQL Server Authentication
Login: SQL User Name
Password: Password

Thursday, October 9, 2014

Review on SysTools Master SQL Server Database Recovery Tool - A Guest Post by Andrew Jackson

Many might be aware of SysTools Software Company, which is a brand name in data recovery industry. Since its start in the year 2007 it has developed multiple software applications and served people all over the world with its highly sophisticated tools by online marketing. One of its key and highly talked about utility is SQL Recovery that is said to recover corrupt MDF and NDF files of MS SQL Server database (DB) and then export it into the database of server. It has been designed and redesigned quite a few times to provide users with new characteristics with its each new release.
Each edition of the SQL Server database recovery tool comes equipped with more enhanced and advanced features as compared to the previous one. The current version of the recovery tool that is being offered is 6.0. It is said to possess quite a number of amenities so as to facilitate people in recovering database and the compatible scripts too. However, the characteristics of the application need to be discussed in detail so as get a complete and overall understanding. The product review in fact is a step forward towards the same purpose. So, here goes a description of the key facilities and are mentioned in the section below:

Key Characteristics
This section of the review contains a detailed explanation of the multiple features of the SQL Server database recovery tool:   
  1. SQL Server DB File Recovery - The database of Structured Query Language server stores Tables, Rules, Stored Procedure, Functions, Views, Triggers and its associated Primary Key, Unique Key and many others  components. Each and every part is said to be recoverable on corruption be it regardless of the fact whether it is minor or major corruption.
  2. Primary & Secondary File Recovery – The primary files are the ones with .mdf as the extension while the secondary with .ndf file extension and both of them form the crucial part of server database in which data items are stored. Even when they get damaged the utility recovers it successfully without any difficulty.
  3. Recovery of Permanently Deleted Data - Sometimes data items of the server database gets removed permanently, knowingly or unknowingly, from the files. With Advance scan option both .mdf as well as .ndf file gets deeply scanned and with this even the permanently deleted data gets retrieved.
  4. Ability to Fix Major SQL Errors Also – When the level of corruption that affects the files of SQL server database is very high, then the damage caused to the primary and secondary files are also severe in nature and major errors prompt up. Even in such cases of rigorous damage, the tool fixes the errors while easily recovering both the file and its data. 
  5. Supports SQL Server 2012 and All below Versions – The tool is devised to recover corrupted files of almost all editions of the SQL server like 2012, 2008, 2008 R2, 2005 and also 2000 database files. However, the latest release is 2014 but it is not supported by the recovery application.
  6. Supported on All Releases of Windows Operating System – The most new version of MS Windows operating system is 8.1 and many users possess it. Therefore, the utility should be and is supported on all editions like Windows 8, 7, Vista, etc. including the latest one. 
Other Significant Properties of the Recovery Tool  
  • Multiple secondary files (with .ndf extension) can be scanned and recovered at a time. This helps in reducing time for recovery.  
  • Can export and save recovered file into both SQL Server database and also as SQL Server Compatible Scripts which is indeed a good feature. 
  • Offers choice of selection to export and save file with either only Schema or both schema and data as well. This is a highly advantageous as it gives user the power to follow his/ her needs.
  • Quick scan is provided to recover files from minor corruption issues. This is important because this form of scan takes less time to be executed as compared to Advance Scan mode of recovery.
  • Has the power to detect the version of SQL server automatically. This is indeed a great feature as it recovers damaged file even when the user is unaware of the edition of SQL server.
  • Minimum system requirements in terms of hard disk space, RAM and processor to install the software.
  • Secured by two powerful anti-malware technologies that are Norton and McAfee that protects the machine on which the tool is run.
Overall Performance Review 
As per the discussion on the characteristics of the SQL Recovery version 6.0 that functions as SQL Server database recovery tool, it can be concluded that the application is an appropriate selection to recover any kind of corruption issue in either the primary or its associated secondary files. With its extremely high tech design, the functionalities that it renders are matchless as compared to the ones developed by other companies. But the point where it lacks is that it does not support the most new release of SQL Server by Microsoft i.e. edition 2014. This drawback will restrict some users in making use of the utility but sidelining this point the software proves to be an apt solution.

Andrew is a SQL Server DBA at SysTools and he is based out of New York City.
He has nearly 7 years of rich experience on SQL Server Database administration skills.