I need to figure out a way to run under debug in SQL Server Management Studio 2008 R2. But I am given some restrictions that I cannot find the workaround for:
The user needs to be owner of a specific schema.
For that reason, the user cannot have the SysAdmin privilege. The reason for this is we already have many Stored Procedures where we do not specify the name of the Schema for the SQL Queries.
Since the user needs to have SysAdmin privilege, this conflicts with the first requirement as you cannot modify the DEFAULT_SCHEMA for sysadmins.
As far as I know, the only way to debug in SQL Server 2008 is to be given a SysAdmin privilege as this is how M$FT designed their software. What could be a possible workaround for this?
I understand that the recommended answer would be somewhere along the line of change how we wrote the SP or to consider redesigning the database design but sadly, this is not an option.
Please help!
By run under debug do you mean you want to debig stored procedures interactively using the T-SQL debugger?
If you are having problems getting this running, and your objective is to debug your code, you could also use SQL Profiler to observe exactly what is being executed inside your stored procedure. It of course will not support break points and start/stop but it will let you observe what is being executed.
Taken from MSDN: Run the Transact-SQL Debugger
We recommend that Transact-SQL code be debugged on a test server, not
a production server, for the following reasons: Debugging is a highly
privileged operation. Therefore, only members of the sysadmin fixed
server role are allowed to debug in SQL Server. Debugging sessions
often run for long periods of time while you investigate the
operations of several Transact-SQL statements. Locks, such as update
locks, that are acquired by the session might be held for extended
periods, until the session is ended or the transaction committed or
rolled back.
If you have concerns you may want to report your wish at microsoft connect site:
http://connect.microsoft.com/sqlserver
Related
I have developed an Excel add-in that I pitched to my employer's IT department. The add-in creates SELECT, INSERT, DELETE, and UPDATE SQL statements that are sent to a PostgreSQL database and any results (in the case of a SELECT statement) are returned to Excel to report on.
My team has been very impressed with this, but IT said that they don't allow laptops to perform CRUD operations directly on databases. Instead IT has set up certain environments to do this.
Can someone tell me if IT's concern around laptops directly connecting to a database and performing CRUD operations makes sense? Is this a valid concern?
If the laptops, their users and anybody else with access to them, the network connection, and the client software are all trusted, and you can always immediately push an update to the clients when the database structure inevitably changes in the future, then it's OK.
Otherwise it's not. The standard way would be to put some kind of service between the two that acts as a gatekeeper and defines the allowed operations on the database and who is allowed to do them. REST (or if you're enterprisey, SOAP) are two popular options. And don't send SQL over the wire in those cases.
With some database engines it might be possible in theory to let the users directly authenticate with the database and use the database's permission model to limit what they can do. For instance you could only allow users to execute certain stored procedures. But in practice that's probably more trouble than it's worth.
To be honest in practice it's probably not OK. That's too many things to trust at once.
Yes this is a valid concern. Someone could easily inject an SQL command into your database. They might be able to perform an operation that erases the entire database.
Say your software has this coed into itself: "SELECT $var1 FROM TEST WHERE $var2" and the user can modify var1 and var2. If they put "date > 10; DROP *" into var2 now your statement becomes "SELECT $var1 FROM TEST WHERE date > 10; DROP *;"
It is a little more complicated than that, but you should read up on SQL Injection.
I have a SQL Server 2008 R2 with a database in it.
How to find a certain query that was executed and from what IP ?
I have tried to go through the transaction logs but I cant understand nothing there.
You should use SQL Server Profiler. It's usually installed by default - look in the SQL Server folder on the Start Menu. When you open it, start a new trace and select the database. In the Trace Properties dialog choose the TSQL template. This will then record all the queries running on the database, along with a whole lot of other stuff. It's not massively easy to track stuff down in here, but look for the BatchStarting events to find the SQL that gets run. Then you should run the procedure sp_who2 on the database so you can match up SPIDs in the profiler to logins.
Problem
Executed as user: CORP\SVC-UK-SVCEMI. Conversion failed when converting date and/or time from character string. [SQLSTATE 22007] (Error 241). The step failed.
The problem I am facing is that I have created a Stored Procedure which, when executing in a SSMS Query window, runs fine - but fails when ran ran from a SQL Agent job.
Why I'm Stuck
As the job is running the exact same procedure, on the same database and data, I am severely confused on why this wouldn't work.
My Thoughts
Logically, I would put it down to the user account (As this is the only possible different I had identified), thinking maybe the SQL Agent service account somehow has a difference date format setting when myself. However, I am under the impression that these are set at server level (Which we have recently changed to GB-English) - rather than account level.
As I can't manage to replicate this issue in the query window, it has become extremely difficult to debug which row is causing the issues
Running from SSMS Query Window
SQL Agent Jobstop Configuration
Error Generated When Running Job
As I believe this to be a SQL Agent configuration issue, I haven't added any code from the SQL Procedure. I can do this on request, but it is very long (Think I take readability over shortness - and possibly performance- when it comes to writing SQL)
Any ideas on what could be causing this problem would be greatly appreciated.
Many thanks.
Ths stored proc in the Job is probably running under a different user account than the one you use when launching it from SSIS.
and, probably, this user account has different settings
try "EXECUTE AS user=xxxx" for your stored proc and use your own user account, then see what happens...
see: EXECUTE AS
We have a software solution that involves syncing some data between a Progress database and SQL server. Unfortunately, we do not have any Progress gurus in house, so I'm working kinda blind here and would welcome any advice that is on offer.
For the workflow that is already in place, what would work very well for us is the ability to do an external call to insert a row into an SQL database from an within ABL procedure's 'for each' loop.
Is anyone able to direct me to any code snippets or articles that might help me achieve this?
Many thanks,
In case your SQL database is MS SQL Server, you might want to have a look at OpenEdge DataServer for Microsoft SQL Server (web.progress.com/en/openedge/dataserver-microsoft.html, documentation.progress.com/output/OpenEdge102b/pdfs/dmsql/dmsql.pdf).
The DataServer provides you with ABL access to a non-Progress database so you can use standard Progress statements, e.g. CREATE to add new records or FOR EACH to retrieve query results.
OpenEdge DataServers are also available for Oracle (using Oracle Call Interface), DB2 and Sybase (using ODBC). The DataServer for MS SQL Server uses ODBC behind the scenes as well. web.progress.com/docs/datasheets/openedge/openedge_dataservers.pdf
You dont need the dataserver, connection with ADODB works fine in ABL, you can even call stored-procedures with the command object, the user you connect with will have to be granted EXEC rigths on the SQL-Server to do that.
I'm not a Progress guru, but I did do some work in it for awhile. AFAIK there is no way to have ABL code connect to a non-Progress database (part of that whole vendor lock-in strategy Progress Corp. leverages).
Your best bet is probably to have the ABL code serialize the records to XML, and use something like ActiveMQ (or even a plain socket or named pipe/FIFO depending on your setup) to send them to a program written in a more capable language to do the SQL insert.
I have a database which is part of a closed system and the end-user of the system would like me to write some reports using the data contains in a Sybase SQL Anywhere Database. The system doesn't provide the reports that they are looking for, but access to the data is available by connecting to this ASA database.
The vendor of the software would likely prefer I not update the database and I am basically read-only as I am just doing some reporting. All is good, seal is not broken, warranty still intact, etc,etc..
My main problem is that I am using jConnect in order to read from the database, and jConnect requires some "jConnect Routines" to be installed into the database. I've found that I can make this happen by just doing an "Alter Database Upgrade JConnect On", but I just don't fully understand what this does and if there is any risks associated with it.
So, my question is does anyone know exactly what jConnect routines are and how are they used? Is there any risk adding these to a database? Should I be worried about this?
If the vendor wants you to write reports using jConnect they will have to allow the installation of the JConnect tables.
These are quite safe, where I work the DBA team install these as a matter of course and we run huge databases in production with no impact.
There is an alternative driver that you could use called jTDS. Its open source and supports MS SQL Server and Sybase. I'm not sure if they require the JConnect tables or not.
I think that the additional tables are a bit of anachronism in this day and age.
Looking at ASA 10 docs, there is another driver: the iAnywhere JDBC driver which seems to be going through the ODBC driver, and as such, probably will not require an alteration of the database.
On the other hand, installing the "jConnect system objects" is done by running the script scrits/jcatalog.sql... You can show it the DBAs, if you want to reassure them. It creates some procedures, tables, variables.
The need for this script probably comes from the fact that jConnect talks to both ASE (Sybase) and iAnywhere databases, so it needs a compatibility layer installed in the database...