Tech Mentor Fall 2007 in Las Vegas was a fun experience. A conference built for Windows Administrators, it was a nice change of pace from some of the developer centric shows. We covered so many new technologies, from virtualization to group policy to Powershell, that it made my head spin. Even the general keynote on Windows Server 2008 by Mark Minasi covered so many topics that are new to this OS, you likely couldn’t keep up when taking notes. What was confirmed for me is that a Windows Administrator has to be a jack of all trades. Sometimes the simplicity of Windows lulls employers into a false sense of security that a Windows infrastructure is easy to manage and that you can get cheap labor to cover yourself. Windows professionals know that properly administering Windows is just as difficult as the same environment on another platform. On top of that, some other “OS” experts don’t have to be familiar with as many technologies as their Windows brethren. Little do these people know that when you do Windows support, you can expect any Microsoft product to be thrown your way. You may have to become an expert on ISA as well as Exchange. You don’t see the Cisco security expert managing messaging servers on top of firewalls very often. You may have to manage your DNS environment as well as be good on SMS. When does your UNIX DNS guru have to touch desktop application upgrades?

Don’t fool yourself or let others be fooled into thinking that technology based upon Windows is easy. It is certainly not. With Windows 2008 Server coming and major rollouts of Windows Vista in the near future for most companies, you need to be more engaged in new technology than ever before while still maintaining the job you do now. Employers should not take for granted the deep level knowledge their Windows administrators have and those administering Windows should never rest on their laurels. You are only going to have to dive deeper in 2008.

Digg It

Hey-O!

Eric Johnson and I (Josh) are doing a webcast in conjunction with CA and Redmond Developer News on Data Modeling. To register for the event, click here. Below is the description. Come on by; we'll be talking about why data modeling is important, covering data model basics, and how CA's ERWin tool can help you build data models. Plus, we're trying to work out a deal to give away some sample chapters from our upcoming book, "Architecting Database Models for SQL Server".

--Josh

Understanding and Applying Data Modeling in Application Development

Date: Tuesday, November 13, 2007 Time: 2:00 PM Eastern; 11:00 AM Pacific

About the Webcast: Data modeling is the process of mapping real world information requirements to logical representations of the supporting data. Once your logical model is complete, you can start thinking about transforming it into a physical database model. Keeping the logical and physical model separate, but "in sync" will help ensure that you build a solid database that reflects the business needs. This technical Webcast gives you a thorough understanding of data modeling and shows you how to apply data modeling to application development. This presentation: Takes a close look at entities, attributes, and relationships, and how you can use them to build a logical model. Demonstrates how to take entities, attributes, and relationships and turn them into tables, columns, and keys. Looks at how you can use modeling tools like CA ERwin® DM to help in the process of creating a logical data model and mapping it to a physical database structure. Don’t miss the audience Q&A session following the presentations – always a hit with developers! REGISTER NOW! About the Presenters: Joshua Jones; Co-founder & Operating Systems Consultant; Consortio Services Eric Johnson; Co-founder & Database Technologies Consultant; Consortio Services Danny Sandwell; Product Manager, CA ERwin® Modeling; CA This Webcast is sponsored by CA.

Digg It

My new column on MCPMag.com is up and running. This will end up a regular column on the SQL Pro Insight when that site launches.

http://mcpmag.com/columns/article.asp?editorialsid=2276

Eric J

Digg It

by Eric Johnson

New to SQL Server 2005, SQL Server Integration Services (SSIS) adds an enterprise level extract, transform, and load (ETL) tool to the ever growing suite of SQL Server tools. SSIS replaces DTS, which was only around for two releases of SQL Server and grabbed limited following. Besides being slow and a little tricky to work with, DTS didn’t offer any easy ways of debugging packages when you had problems. With SSIS comes a whole host of methods for debugging your packages; helping you to get to the root cause of your problems.

The environment in which you build SSIS packages is called the SQL Server Business Intelligence Development Studio (BIDS), which comes with the SQL Server 2005 client tools. In reality, BIDS is just a stripped down version of Visual Studio. In fact, if you install Visual Studio on the same box as BIDS, you will, from that point forward, notice that you are running Visual Studio in lieu of BIDS. Okay. So what does this mean for debugging? It means that you have the power of Visual Studio at your fingertips when you are developing your SSIS packages.

Breakpoints

            One of the staples of debugging is the ability to setup breakpoints. SSIS let’s you setup two different kinds of breakpoints; on packages, tasks and containers, or inside of script objects. Once set, the execution of your SSIS package will stop at breakpoints and allow you to view the package in a paused state. When working with breakpoints, keep in mind that they can only be set on items in your control flow; you cannot setup breakpoints on data flow tasks. Let’s first look at setting up breakpoints on packages, tasks or containers.

            To setup a breakpoint on a package, you must go to the Control Flow tab, right-click on the background of the package, and select Edit Breakpoints. If you want to setup a breakpoint for a task or container, right-click the task or container you are interested in and select Edit Breakpoints. In either case, you will be presented with Set Breakpoints dialog.With this dialog, you can pick the Break Condition and the Hit Count for that condition. In this example, I have a data flow task set to break when it receives the OnPreExecute event. You notice there are options for hit count also available. In this example, I am telling the package to break after the task in question receives the OnPreExecute event, which is triggered just before the task runs, 5 or more times. When you run the package, it stops and highlights the task on which the breakpoint was triggered. The breakpoint we set earlier has been triggered and you are given the yellow arrow over the active break point. At this point you have access to the all the local variables, any watch variables you have configured, as well as a view of the package’s status as of the break.

            In addition to being able to setup breakpoints on packages, containers, and tasks, you can configure them inside of script tasks. To do this, you open the script in the script designer and either right-click the line you are interested in and select Breakpoint > Insert Breakpoint, or left click once in the left hand margin of the editor next to the line on which you want to break. Like before, the SSIS package will pause when your breakpoint is encountered.

            The sky is the limit on using your breakpoints. You can set them up to trigger if your “error logic” is called more then a few times, or just to be able to see what the package is doing during a problem spot. These breakpoints are stripped off when you compile the package to run from Integration Services, so don’t worry about affecting the production package when it comes time to elevate.

Data Viewers

            So you can setup breakpoints on your Control Flow, but what if you want to troubleshoot problems inside of a data flow? That is where Data Viewers come in handy. A Data Viewer, of which there are four flavors, can be configured on any of the Data Flow tasks. By right-clicking a path (one of the arrows between tasks) and selecting Data Viewers, you are presented with the Data Viewers section of the Data Flow Path Editor. From here, you can click Add and then select a Grid, Histogram, Scatter Plot, or Column chart to be displayed. The type of Data Viewer you pick will be largely dependent on the type of data you are viewing and what you need to know. In this case, I just want to see the data as it exists after the conditional split task. When you run the package, it will actually break at the data viewer and show you the data in the format you selected. At this point I can examine my data to ensure that things are running as expected or I can look for bad data that may be causing additional problems. In order to get the package going again, I can click the “play” button or click Detach. If I click play, the package will continue to execute, and the next time this same task is run, during a loop for example, I will get another data viewer with the current data. If I click Detach, the package will continue to run leaving my data viewer untouched. In this case, if the same task runs again in a loop, I will NOT get a new data viewer.

            SSIS offers several new methods of debugging. Two of the easiest methods to use are breakpoints and data viewers. Both of these methods will offer you a lot of information about the inner workings of your packages. Data viewers and breakpoints just start to scrape the surface of debugging inside SSIS packages, but hopefully this short overview has given you enough insight to be able to get under the hood and fix some of the problems you may encounter in your packages.

Copyright 2000  by TechTarget.com, 117 Kendrick Street, Suite 800, Needham, MA 02494. Reprinted by permission of TechTarget.com.

Digg It

Just a couple of quicks links to some recent articles Eric and Josh have published:

Product Reviews

http://redmondmag.com/reviews/article.asp?editorialsid=555 - Josh reviews SQL Sentry Event Manager.

http://redmondmag.com/features/article.asp?editorialsid=671 - Josh reviews SQL Server monitoring software.

http://redmondmagazine.com/reviews/article.asp?editorialsid=548 - Josh reviews Sunbelt's Messenging Ninja for Exchange.

Interviews

http://redmondmagazine.com/features/article.asp?EditorialsID=1781 - Redmond Developer News interviewed Josh for a .NET article.

Eric Johnson published a multi-part series in Redmond Magazine about SQL Server 2005:

http://redmondmagazine.com/features/article.asp?EditorialsID=576 - Part 1

http://redmondmagazine.com/features/article.asp?EditorialsID=587 - Part 2

http://redmondmagazine.com/features/article.asp?EditorialsID=599 - Part 3

http://redmondmagazine.com/features/article.asp?EditorialsID=607 - Part 4

Also, look for a new 3 part web-cast/whitepaper series on Data Modeling in Redmond Developer News and Visual Studio magazine in the coming months.

--Josh

Digg It

by Eric Johnson

SQL Server Reporting Services (SSRS) is an extremely handy tool in the SQL Server 2005 suite. You can use it to easily create, deploy, and manage reports for your entire organization. Its simplicity, however, can easily lead to a less then optimal configuration. You set it up, toss some reports on it and walk away. The problem is that you really don’t know who can see your reports. Data is extremely important to companies these days and much of that data is sensitive and should not be seen by everyone. So how can you implement SSRS in your environment and make sure that sensitive reports are only seen by the people authorized to view them? In this tip, we will cover the SSRS security model and talk about how you can leverage it to lock down your SSRS environment.

Overview

            SSRS security is managed on two levels; the SSRS site and on items within the site. At each level, the tasks that users can perform are managed via roles. Roles are just groups with certain tasks assigned to that group and members of the role can perform the assigned tasks. It’s that simple. Taking some time to create appropriate roles and assign your user accordingly will ensure that your SSRS site, and the reports it houses, are secure.

Site Level Security

The first level of security is Site Level security. On the SSRS site as a whole you can manage the tasks that your users are allowed to perform. The tasks are fixed, and you need to create your roles with these fixed tasks in mind. At this level, you will be assigning “administrative” tasks to users. Standard users that just need to view reports will probably not require any permission at this level, beyond the ability to view properties and schedules and execute report definitions. Here are the tasks you can assign to roles at the site level.

Execute Report Definitions This task allows a user to run a report definition without first loading the definition on to the SSRS server. This is required if you want your users to run report definitions from applications separate from SSRS, such as the Report Builder.

Generate events Allows applications to generate events in the SSRS namespace.

Manage jobs Allows users to view the jobs that are running on your SSRS server and cancel them if need be.

Manage report server properties This task allows users to manage properties of the report server, as well as the items managed by the report server.

Manage report server security This task allows your users to view and modify the members of your system level roles.

Manage roles Users with the manage roles task are allowed to create, view, and modify the role definitions. These users can change the tasks that are assigned to your roles.

Manage shared schedules SSRS contains shared schedules that can be tied to report execution; this task will allow users to manage these schedules.

View report server properties This task lets your users view, be not change, the properties of the report server. This task is implied if the role has the Manage report server properties task assigned.

View shared schedules This task lets your users view, be not change, the shared schedules on the report server. This task is implied if the role has the Manage shared schedules task assigned

            To control which users are allowed to perform each of these tasks, you first create a system level role. There are two built in system level roles when you install SSRS.

System Administrator Can manage all aspects of the SSRS site. The only tasks that cannot be performed by default is the Generate Events task. If you want administrators, or any user for that matter, to be able to perform this task, you must explicitly assign it to the appropriate role.

System User These users are allowed to view report server properties and shared schedules and execute report definitions. These tasks are assigned so that users can run reports.

 To create new roles, click Site Settings in the top left corner of the Report Browser and then select Configure system-level role definitions under Security. This will open the System Roles page: to create a new role click the New Role button. This will open the New System Role page, shown below. All you have to do now is name the role, give it a description, and select all the tasks you want this role to be able to perform. When you’re done, click OK.

            To assign users to your newly created role, go back to the site settings screen and select Configure site-wide security. This will open the System Role Assignments screen and you can simply click New Role Assignment to add new Windows users or groups to one of your SSRS System Level Roles.

Item Level Security

Item Level Security is managed in much the same way as site level security. You still work with roles and tasks, but the role assignment is done on a per item basis. In other words, a user in the Browser role for one folder may be in the Content Manager role on another folder. Here are the tasks that can be assigned to item level roles.

Consume reports Allows users to read report definitions. This is a fancy way to say “these users can run reports”.

Create linked reports Allows user to create links between columns in a report and another report. Users are also allowed to publish these reports to a folder.

Manage all subscriptions This task allows the user to view and manage other user’s subscriptions to an item.

Manage data sources Allows the user to create and delete shared data sources in SSRS.

Manage folders Allows the user to create and delete folders in SSRS. They can also modify the properties of existing folders.

Manage individual subscriptions This allows the user to create, view, and modify subscriptions that that user owns.

Manage models This task gives the user the rights to create, view, and modify models.

Manage reports Allows the user to create and delete reports.

Manage resources Allows users to create, modify, and delete resources in a folder. Resources are items such as shared schedules.

Set security for individual items This allows the user to manage security for reports, folders, resources, and shared data sources.

View data sources Allows user to view the properties of shared data sources.

View folders Allows user to view folders and folder properties

View models Allows users to view models and model properties

View reports This allows users to view reports in the folder hierarchy. This does not, however, allows users to run reports, for that they require the Consume Reports task.

View resources This task allows user to view resources and resources’ properties in folders.

            As with system level roles, there are some built-in item level roles you can use when assigning permissions. If these roles aren’t enough, you can build additional roles, and assign users any combination of the item level tasks we just looked at. The built-in item level roles are as follows.

Browser This role is configured to allow users to view folders and reports and allows them to subscribe to reports.

Content Manager These users can manage the content of the SSRS site. This includes managing folders, reports, and resources.

My Reports This role allows users to publish reports and manage reports, folders, and resources in their My Reports folder.

Publisher This user can publish reports and manage reports, folders, and resources on the report server.

Report Builder Report Builders have access to view report definitions.

Okay, now down to the details. To manage these roles, you have several options. Item level security can be applied to a folder, report, data source, or resource. To give users permission to an item, you need to open that item and view its security properties. When you add a user, you will also need to assign a user to a role for that item. In the case of folders, the role a user is assigned at the top level folder will, by default, be inherited by other items inside that folder. You do have the ability to override security on a lower level folder of item.

At this point, the security of your SSRS server is entirely up to you. You can create different folders for each department and assign only employees in that department with access to that folder. Within each department folder, I like to create an additional folder for sensitive reports and further lock that folder down to the appropriate users. Take some time and really plan out how your reports will be placed on the server and how you want the security to look. Using SSRS there is no reason that all your reports, regardless of sensitivity can’t be stored in a single report server.

Copyright 2000  by TechTarget.com, 117 Kendrick Street, Suite 800, Needham, MA 02494. Reprinted by permission of TechTarget.com.

Digg It

Just want to let everyone know that I have received my SQL Server MVP award. Over the past year I have done a fair bit of writing and speaking as well as running the Colorado Springs SQL Server Users Group. I look forward to continuing my work with the SQL Server community in the coming years.

Eric 

Digg It

Josh and I have been hard at work on Architecting Database Models for SQL Server (Addison-Wesley). With the release of this title coming so close to SQL Server 2008, we have deceided to update the book to contain all the new peices that will be relavent to 2008 and data modeling. Look for coverage of the following features:

• New Datatypes
• Spatial Databases
• Entity Data Platform
• New T-SQL Syntax
• and more....

We want to give you a complete look at database modeling in SQL Server, so that means waiting just a little while to get the book into your hands. Look for it in the Summer of 2008.

Eric

Digg It