This month’s T-SQL Tuesday is an especially interesting one! Hosted by Raul Gonzalez (b|t), Raul asks us to talk about “Worst Practices” and when could they be a good thing to use. After all, the actual “best practice” is – well… it depends!
Read More »T-SQL Tuesday #158 – When Worst Practices are the Best
In this post, I will introduce you to a special T-SQL script that you can use for detecting potential SQL injection attacks in your database, as well as application-level bugs that you didn’t necessarily know you had.
Read More »Detect Application Bugs and Vulnerabilities You Didn’t Even Know About
Sometimes when trying to access a linked server, you’d get an error saying “Login failed for user NT AUTHORITY\ANONYMOUS LOGON”. This happens because you’re connected using Windows authentication, and SQL Server fails to “forward” your credentials to the linked server.
Hopefully, with this blog post, I’ll provide you with an easy-to-understand step-by-step guide, which would help you resolve the issue the right way, without any workarounds.
Read More »Resolved: Login failed for user NT AUTHORITY\ANONYMOUS LOGON – Delegation Step-by-Step
While being an awesome feature introduced in SQL Server 2012, Availability Groups were always missing the ability to synchronize server-level objects between replicas. This finally changed 10 years later, in SQL Server 2022, with the introduction of “Contained Availability Groups”.
Read More »What is not contained in contained Availability Groups
In today’s post, I’ll be providing a useful script to detect and troubleshoot when the query plan cache contains too many different plans for the same query hash, which could happen as a result of possible parameterization issues.
Read More »Too Many Plans for the Same Query Hash
Haha! If you’re seeing this, it means I finally migrated to my new WordPress host successfully! Yeepee!
‘dis mah new home, you like? 🐸
Read More »Oh, you’re seeing this?? Looks like it worked!
SQL Injection is something I would expect any reader of my blog to be familiar with. Despite being one of the oldest database attack methods, it still persists for decades on the OWASP Top Ten list of critical security risks to web applications.
In fact, instead of dying out, it only seems to be getting more clever and even automated. With “hacker bots” scouring the web and automatically probing for injection vulnerabilities to exploit. I know, as I’ve once been a victim of such attacks in the past.
But today I’m not actually going to talk about that. Today, I’m going to ask the question: When is SQL Injection dangerous, even if it’s perfectly safe?
Read More »Could SQL Injection be dangerous even when perfectly safe?
As a spiritual “part 4” in my ongoing series of webinars titled “CI and CD with SSDT”, I will be delivering an entirely new session called “Troubleshooting Build and Deployment of SSDT Projects for SQL Server DevOps” (or “Troubleshooting Common SSDT Errors” for short).
Read More »New Upcoming Session – Troubleshooting Common SSDT ErrorsThis month’s T-SQL Tuesday is hosted by Deb the DBA (b|t), who invites us to give a long rant about a question that a coworker could be asking us, without knowing what they’ve just gotten themselves into by doing that.
Well… I’ve got just the thing 🤭
Read More »T-SQL Tuesday #152 – Which version of my database was deployed? It depends!
Following the rise in popularity of DevOps for Databases, many interesting questions are being asked on the topic.
One of these questions is: Should your SQL Database project be in the same source control repository and solution as the App code project? Or maybe they should be in the same repository but separate solutions? Or maybe they should be in completely separate repositories?
Read More »Should the Database and Application projects be in the same Repository?