This month’s T-SQL Tuesday is an especially interesting one! Hosted by Raul Gonzalez (b|t), Raul asks us to talk about “Worst Practices” and when could they be a good thing to use. After all, the actual “best practice” is – well… it depends!
Read More »T-SQL Tuesday #158 – When Worst Practices are the Best
In this post, I will introduce you to a special T-SQL script that you can use for detecting potential SQL injection attacks in your database, as well as application-level bugs that you didn’t necessarily know you had.
Read More »Detect Application Bugs and Vulnerabilities You Didn’t Even Know About
Sometimes when trying to access a linked server, you’d get an error saying “Login failed for user NT AUTHORITY\ANONYMOUS LOGON”. This happens because you’re connected using Windows authentication, and SQL Server fails to “forward” your credentials to the linked server.
Hopefully, with this blog post, I’ll provide you with an easy-to-understand step-by-step guide, which would help you resolve the issue the right way, without any workarounds.
Read More »Resolved: Login failed for user NT AUTHORITY\ANONYMOUS LOGON – Delegation Step-by-Step
While being an awesome feature introduced in SQL Server 2012, Availability Groups were always missing the ability to synchronize server-level objects between replicas. This finally changed 10 years later, in SQL Server 2022, with the introduction of “Contained Availability Groups”.
Read More »What is not contained in contained Availability Groups
In today’s post, I’ll be providing a useful script to detect and troubleshoot when the query plan cache contains too many different plans for the same query hash, which could happen as a result of possible parameterization issues.
Read More »Too Many Plans for the Same Query Hash
SQL Injection is something I would expect any reader of my blog to be familiar with. Despite being one of the oldest database attack methods, it still persists for decades on the OWASP Top Ten list of critical security risks to web applications.
In fact, instead of dying out, it only seems to be getting more clever and even automated. With “hacker bots” scouring the web and automatically probing for injection vulnerabilities to exploit. I know, as I’ve once been a victim of such attacks in the past.
But today I’m not actually going to talk about that. Today, I’m going to ask the question: When is SQL Injection dangerous, even if it’s perfectly safe?
Read More »Could SQL Injection be dangerous even when perfectly safe?
SQL Sentry uses a service to monitor targets. But what if this monitoring service is down? Who will alert about the alerter not alerting? Who is watching the watchers? Who is monitoring the monitor?
Back in April 2020, I created an open-source project called “SQL Server Page Allocation Reports“. It consisted of a set of SQL queries and some Power BI reports that can be used for visualizing the size and locations of your data and transaction log pages.
Well, recently I also added SSMS Custom Reports into the mix. So, it’s time to revisit this project and see what’s new!
Read More »It is 10 PM, do you know where your pages are?
Do you find yourself facing performance problems and long lock chains caused by very frequent INSERT, UPDATE, or DELETE statements being executed on a table? Check out this neat trick that could help you out and make all the difference in the world.
Read More »The Asynchronous Ledger Trick for Fast SQL Server Insert, Update and Delete Processes
As part of its regular, ongoing, day-to-day activities, your SQL Server instance would naturally collect historical data about its automated operations. If left unchecked, this historical data could pile up, leading to wasted storage space, performance hits, and even worse issues.
MSDB would obviously be collecting data about the SQL Agent job executions. But there are also several other types of historical data that needs to be cleaned up once in a while. I hope to cover all bases and leave no historical data un-cleaned.
Read More »Keep Your MSDB Clean