Back in the days of the original MCSE certification, you needed to practice. In order to practice, you needed machines. Lots of them that you could tear down and build back up. This wasn’t necessarily an easy thing, especially if you were doing a certification run with your own buck. I built two machines out of the cheapest parts I could get away with and still run Windows NT to have a lab to practice on. These days, with the power of our trusty computers, they actually will support running virtual machines.

What is a virtual machine? Well, it is an environment setup by special software that allows the operating system to run without being the only operating system running. In this case, Vista will be blissfully unaware that it is running on top of your Windows XP machine where you just got done blasting out some aliens. For situations where you need multiple machines to test and practice, deployment and event forwarding being two examples, then you can just turn to your smoking hot machine to do all the dirty work and you or your wallet don’t even need to break a sweat.

There are several options to run virtually with a continuing thriving community thinking of new ways to put many virtual machines into one physical box. For your needs, I would recommend one of the options that run on top of your existing operating system. These options include the recently released Microsoft Virtual PC 2007, Microsoft Virtual Server 2005, VMWare Workstation (there is a charge) and Player (free but requires a pre-built virtual machine). There are also products that run underneath the operating system, called a hypervisor, that are more appropriate for servers. If you want to try one out, give Citrix XenServer Express Edition a go.

For my purposes and while writing my MCITP Vista books, I used Microsoft’s Virtual PC 2007. It installs just like any other program on your Windows XP or Windows Vista (not home editions) desktop operating system. The best thing about it is its price, free. For someone on a budget, that has to be the best price of all. Anyway, you’ll want to have a decently beefy system to run a VM, particularly in the RAM department. I’d recommend no less than 1GB, which now seems to be the desktop/laptop standard. Put 2GB in and you will have a much smoother ride. If you’ll be using your host OS at the same time, a dual-core processor helps since the VM will only take advantage of one of those cores, leaving the other core free to download the latest Ricky Martin tracks.

The interface will seem deceptively simple. Above is a screenshot of my Virtual PC Console. To get started, just click File | New Virtual Machine Wizard. All of its virtual machines are based on .vmc files. You can use these to setup multiple boxes with the same settings. My purposes don’t get that fancy, so I just select Create a virtual machine.

Pick a name and save the .vmc file to another location if you choose, I just go with the default.

Microsoft Virtual PC 2007 includes native support of Windows Vista as well as several other operating systems. If you just have to get that DOS game working again, here is your chance.

The next screen will ask you for the amount of RAM you want to dedicate to the VM. I usually go with the recommended amount since I won’t be doing much heavy lifting with the VM, I just need to play with it until it doesn’t work anymore.

Here is the answer to the question, where do all the files go for this virtual machine? They exist in a file called a virtual hard disk. Create a new one, or point to an existing disk. Microsoft and some partners make VHD’s available for download and evaluation. Pick “A new virtual hard disk” when starting out.

Now you get to decide how big the VHD will be and where to put it. This is entirely up to you since you know your machine better than I, but remember that you will likely not be loading all of your applications and other fun onto this VM, just Vista so you can tinker. 20GB is plenty for Windows Vista if you are doing nothing else but practicing with the machine.

After you setup your VM, it will show up in the Virtual PC Console. From here, you can access the settings for your VM ad change things you deem necessary.

This is only the beginning. Now that you’ve built the VM, you essentially have a fresh computer with no operating system installed. How do you get Vista on this thing? Just click Start in the Virtual PC Console. From the CD menu you can capture an optical drive on your computer or an ISO image. After you do this, you’ll be able to boot the machine and start the setup process. I personally like to use the ISO image because it is just a little easier and faster. You can capture your DVD copy of Vista to an ISO using many CD Burning suites, like products from Nero or Roxio or some free alternatives.

That’s really it. Now you’ll have a fully functioning Vista machine without having dropped the dough to buy new hardware. You didn’t even have to upgrade your own computer’s host operating system if you didn’t want to. You’ll also be able to connect it to the existing network or create a private network between your virtual machines via the Console’s settings menu. Just select Networking and choose Shared Networking (NAT) (KB833134).

Some extra pointers. When you first get started and you click your mouse inside the VM window, you will likely be stuck there. Hit the right ALT key on your keyboard to return control to your host. Most shortcuts in VM PC rely on the right ALT key. Virtual PC will whine about the Virtual Machine additions. You can’t install this until the operating system is installed, but it is necessary to get rid of that annoying mouse control problem. You can install it from Action | Install or Update Virtual machine Additions. I hope this makes it easier to get going on your quest to be a fully certified MCITP.

- Eric Beehler (www.consortioservices.com/blog)

Digg It

Tech Mentor Fall 2007 in Las Vegas was a fun experience. A conference built for Windows Administrators, it was a nice change of pace from some of the developer centric shows. We covered so many new technologies, from virtualization to group policy to Powershell, that it made my head spin. Even the general keynote on Windows Server 2008 by Mark Minasi covered so many topics that are new to this OS, you likely couldn’t keep up when taking notes. What was confirmed for me is that a Windows Administrator has to be a jack of all trades. Sometimes the simplicity of Windows lulls employers into a false sense of security that a Windows infrastructure is easy to manage and that you can get cheap labor to cover yourself. Windows professionals know that properly administering Windows is just as difficult as the same environment on another platform. On top of that, some other “OS” experts don’t have to be familiar with as many technologies as their Windows brethren. Little do these people know that when you do Windows support, you can expect any Microsoft product to be thrown your way. You may have to become an expert on ISA as well as Exchange. You don’t see the Cisco security expert managing messaging servers on top of firewalls very often. You may have to manage your DNS environment as well as be good on SMS. When does your UNIX DNS guru have to touch desktop application upgrades?

Don’t fool yourself or let others be fooled into thinking that technology based upon Windows is easy. It is certainly not. With Windows 2008 Server coming and major rollouts of Windows Vista in the near future for most companies, you need to be more engaged in new technology than ever before while still maintaining the job you do now. Employers should not take for granted the deep level knowledge their Windows administrators have and those administering Windows should never rest on their laurels. You are only going to have to dive deeper in 2008.

Digg It

Hey-O!

Eric Johnson and I (Josh) are doing a webcast in conjunction with CA and Redmond Developer News on Data Modeling. To register for the event, click here. Below is the description. Come on by; we'll be talking about why data modeling is important, covering data model basics, and how CA's ERWin tool can help you build data models. Plus, we're trying to work out a deal to give away some sample chapters from our upcoming book, "Architecting Database Models for SQL Server".

--Josh

Understanding and Applying Data Modeling in Application Development

Date: Tuesday, November 13, 2007 Time: 2:00 PM Eastern; 11:00 AM Pacific

About the Webcast: Data modeling is the process of mapping real world information requirements to logical representations of the supporting data. Once your logical model is complete, you can start thinking about transforming it into a physical database model. Keeping the logical and physical model separate, but "in sync" will help ensure that you build a solid database that reflects the business needs. This technical Webcast gives you a thorough understanding of data modeling and shows you how to apply data modeling to application development. This presentation: Takes a close look at entities, attributes, and relationships, and how you can use them to build a logical model. Demonstrates how to take entities, attributes, and relationships and turn them into tables, columns, and keys. Looks at how you can use modeling tools like CA ERwin® DM to help in the process of creating a logical data model and mapping it to a physical database structure. Don’t miss the audience Q&A session following the presentations – always a hit with developers! REGISTER NOW! About the Presenters: Joshua Jones; Co-founder & Operating Systems Consultant; Consortio Services Eric Johnson; Co-founder & Database Technologies Consultant; Consortio Services Danny Sandwell; Product Manager, CA ERwin® Modeling; CA This Webcast is sponsored by CA.

Digg It

My new column on MCPMag.com is up and running. This will end up a regular column on the SQL Pro Insight when that site launches.

http://mcpmag.com/columns/article.asp?editorialsid=2276

Eric J

Digg It

by Eric Johnson

New to SQL Server 2005, SQL Server Integration Services (SSIS) adds an enterprise level extract, transform, and load (ETL) tool to the ever growing suite of SQL Server tools. SSIS replaces DTS, which was only around for two releases of SQL Server and grabbed limited following. Besides being slow and a little tricky to work with, DTS didn’t offer any easy ways of debugging packages when you had problems. With SSIS comes a whole host of methods for debugging your packages; helping you to get to the root cause of your problems.

The environment in which you build SSIS packages is called the SQL Server Business Intelligence Development Studio (BIDS), which comes with the SQL Server 2005 client tools. In reality, BIDS is just a stripped down version of Visual Studio. In fact, if you install Visual Studio on the same box as BIDS, you will, from that point forward, notice that you are running Visual Studio in lieu of BIDS. Okay. So what does this mean for debugging? It means that you have the power of Visual Studio at your fingertips when you are developing your SSIS packages.

Breakpoints

            One of the staples of debugging is the ability to setup breakpoints. SSIS let’s you setup two different kinds of breakpoints; on packages, tasks and containers, or inside of script objects. Once set, the execution of your SSIS package will stop at breakpoints and allow you to view the package in a paused state. When working with breakpoints, keep in mind that they can only be set on items in your control flow; you cannot setup breakpoints on data flow tasks. Let’s first look at setting up breakpoints on packages, tasks or containers.

            To setup a breakpoint on a package, you must go to the Control Flow tab, right-click on the background of the package, and select Edit Breakpoints. If you want to setup a breakpoint for a task or container, right-click the task or container you are interested in and select Edit Breakpoints. In either case, you will be presented with Set Breakpoints dialog.With this dialog, you can pick the Break Condition and the Hit Count for that condition. In this example, I have a data flow task set to break when it receives the OnPreExecute event. You notice there are options for hit count also available. In this example, I am telling the package to break after the task in question receives the OnPreExecute event, which is triggered just before the task runs, 5 or more times. When you run the package, it stops and highlights the task on which the breakpoint was triggered. The breakpoint we set earlier has been triggered and you are given the yellow arrow over the active break point. At this point you have access to the all the local variables, any watch variables you have configured, as well as a view of the package’s status as of the break.

            In addition to being able to setup breakpoints on packages, containers, and tasks, you can configure them inside of script tasks. To do this, you open the script in the script designer and either right-click the line you are interested in and select Breakpoint > Insert Breakpoint, or left click once in the left hand margin of the editor next to the line on which you want to break. Like before, the SSIS package will pause when your breakpoint is encountered.

            The sky is the limit on using your breakpoints. You can set them up to trigger if your “error logic” is called more then a few times, or just to be able to see what the package is doing during a problem spot. These breakpoints are stripped off when you compile the package to run from Integration Services, so don’t worry about affecting the production package when it comes time to elevate.

Data Viewers

            So you can setup breakpoints on your Control Flow, but what if you want to troubleshoot problems inside of a data flow? That is where Data Viewers come in handy. A Data Viewer, of which there are four flavors, can be configured on any of the Data Flow tasks. By right-clicking a path (one of the arrows between tasks) and selecting Data Viewers, you are presented with the Data Viewers section of the Data Flow Path Editor. From here, you can click Add and then select a Grid, Histogram, Scatter Plot, or Column chart to be displayed. The type of Data Viewer you pick will be largely dependent on the type of data you are viewing and what you need to know. In this case, I just want to see the data as it exists after the conditional split task. When you run the package, it will actually break at the data viewer and show you the data in the format you selected. At this point I can examine my data to ensure that things are running as expected or I can look for bad data that may be causing additional problems. In order to get the package going again, I can click the “play” button or click Detach. If I click play, the package will continue to execute, and the next time this same task is run, during a loop for example, I will get another data viewer with the current data. If I click Detach, the package will continue to run leaving my data viewer untouched. In this case, if the same task runs again in a loop, I will NOT get a new data viewer.

            SSIS offers several new methods of debugging. Two of the easiest methods to use are breakpoints and data viewers. Both of these methods will offer you a lot of information about the inner workings of your packages. Data viewers and breakpoints just start to scrape the surface of debugging inside SSIS packages, but hopefully this short overview has given you enough insight to be able to get under the hood and fix some of the problems you may encounter in your packages.

Copyright 2000  by TechTarget.com, 117 Kendrick Street, Suite 800, Needham, MA 02494. Reprinted by permission of TechTarget.com.

Digg It

Just a couple of quicks links to some recent articles Eric and Josh have published:

Product Reviews

http://redmondmag.com/reviews/article.asp?editorialsid=555 - Josh reviews SQL Sentry Event Manager.

http://redmondmag.com/features/article.asp?editorialsid=671 - Josh reviews SQL Server monitoring software.

http://redmondmagazine.com/reviews/article.asp?editorialsid=548 - Josh reviews Sunbelt's Messenging Ninja for Exchange.

Interviews

http://redmondmagazine.com/features/article.asp?EditorialsID=1781 - Redmond Developer News interviewed Josh for a .NET article.

Eric Johnson published a multi-part series in Redmond Magazine about SQL Server 2005:

http://redmondmagazine.com/features/article.asp?EditorialsID=576 - Part 1

http://redmondmagazine.com/features/article.asp?EditorialsID=587 - Part 2

http://redmondmagazine.com/features/article.asp?EditorialsID=599 - Part 3

http://redmondmagazine.com/features/article.asp?EditorialsID=607 - Part 4

Also, look for a new 3 part web-cast/whitepaper series on Data Modeling in Redmond Developer News and Visual Studio magazine in the coming months.

--Josh

Digg It

by Eric Johnson

SQL Server Reporting Services (SSRS) is an extremely handy tool in the SQL Server 2005 suite. You can use it to easily create, deploy, and manage reports for your entire organization. Its simplicity, however, can easily lead to a less then optimal configuration. You set it up, toss some reports on it and walk away. The problem is that you really don’t know who can see your reports. Data is extremely important to companies these days and much of that data is sensitive and should not be seen by everyone. So how can you implement SSRS in your environment and make sure that sensitive reports are only seen by the people authorized to view them? In this tip, we will cover the SSRS security model and talk about how you can leverage it to lock down your SSRS environment.

Overview

            SSRS security is managed on two levels; the SSRS site and on items within the site. At each level, the tasks that users can perform are managed via roles. Roles are just groups with certain tasks assigned to that group and members of the role can perform the assigned tasks. It’s that simple. Taking some time to create appropriate roles and assign your user accordingly will ensure that your SSRS site, and the reports it houses, are secure.

Site Level Security

The first level of security is Site Level security. On the SSRS site as a whole you can manage the tasks that your users are allowed to perform. The tasks are fixed, and you need to create your roles with these fixed tasks in mind. At this level, you will be assigning “administrative” tasks to users. Standard users that just need to view reports will probably not require any permission at this level, beyond the ability to view properties and schedules and execute report definitions. Here are the tasks you can assign to roles at the site level.

Execute Report Definitions This task allows a user to run a report definition without first loading the definition on to the SSRS server. This is required if you want your users to run report definitions from applications separate from SSRS, such as the Report Builder.

Generate events Allows applications to generate events in the SSRS namespace.

Manage jobs Allows users to view the jobs that are running on your SSRS server and cancel them if need be.

Manage report server properties This task allows users to manage properties of the report server, as well as the items managed by the report server.

Manage report server security This task allows your users to view and modify the members of your system level roles.

Manage roles Users with the manage roles task are allowed to create, view, and modify the role definitions. These users can change the tasks that are assigned to your roles.

Manage shared schedules SSRS contains shared schedules that can be tied to report execution; this task will allow users to manage these schedules.

View report server properties This task lets your users view, be not change, the properties of the report server. This task is implied if the role has the Manage report server properties task assigned.

View shared schedules This task lets your users view, be not change, the shared schedules on the report server. This task is implied if the role has the Manage shared schedules task assigned

            To control which users are allowed to perform each of these tasks, you first create a system level role. There are two built in system level roles when you install SSRS.

System Administrator Can manage all aspects of the SSRS site. The only tasks that cannot be performed by default is the Generate Events task. If you want administrators, or any user for that matter, to be able to perform this task, you must explicitly assign it to the appropriate role.

System User These users are allowed to view report server properties and shared schedules and execute report definitions. These tasks are assigned so that users can run reports.

 To create new roles, click Site Settings in the top left corner of the Report Browser and then select Configure system-level role definitions under Security. This will open the System Roles page: to create a new role click the New Role button. This will open the New System Role page, shown below. All you have to do now is name the role, give it a description, and select all the tasks you want this role to be able to perform. When you’re done, click OK.

            To assign users to your newly created role, go back to the site settings screen and select Configure site-wide security. This will open the System Role Assignments screen and you can simply click New Role Assignment to add new Windows users or groups to one of your SSRS System Level Roles.

Item Level Security

Item Level Security is managed in much the same way as site level security. You still work with roles and tasks, but the role assignment is done on a per item basis. In other words, a user in the Browser role for one folder may be in the Content Manager role on another folder. Here are the tasks that can be assigned to item level roles.

Consume reports Allows users to read report definitions. This is a fancy way to say “these users can run reports”.

Create linked reports Allows user to create links between columns in a report and another report. Users are also allowed to publish these reports to a folder.

Manage all subscriptions This task allows the user to view and manage other user’s subscriptions to an item.

Manage data sources Allows the user to create and delete shared data sources in SSRS.

Manage folders Allows the user to create and delete folders in SSRS. They can also modify the properties of existing folders.

Manage individual subscriptions This allows the user to create, view, and modify subscriptions that that user owns.

Manage models This task gives the user the rights to create, view, and modify models.

Manage reports Allows the user to create and delete reports.

Manage resources Allows users to create, modify, and delete resources in a folder. Resources are items such as shared schedules.

Set security for individual items This allows the user to manage security for reports, folders, resources, and shared data sources.

View data sources Allows user to view the properties of shared data sources.

View folders Allows user to view folders and folder properties

View models Allows users to view models and model properties

View reports This allows users to view reports in the folder hierarchy. This does not, however, allows users to run reports, for that they require the Consume Reports task.

View resources This task allows user to view resources and resources’ properties in folders.

            As with system level roles, there are some built-in item level roles you can use when assigning permissions. If these roles aren’t enough, you can build additional roles, and assign users any combination of the item level tasks we just looked at. The built-in item level roles are as follows.

Browser This role is configured to allow users to view folders and reports and allows them to subscribe to reports.

Content Manager These users can manage the content of the SSRS site. This includes managing folders, reports, and resources.

My Reports This role allows users to publish reports and manage reports, folders, and resources in their My Reports folder.

Publisher This user can publish reports and manage reports, folders, and resources on the report server.

Report Builder Report Builders have access to view report definitions.

Okay, now down to the details. To manage these roles, you have several options. Item level security can be applied to a folder, report, data source, or resource. To give users permission to an item, you need to open that item and view its security properties. When you add a user, you will also need to assign a user to a role for that item. In the case of folders, the role a user is assigned at the top level folder will, by default, be inherited by other items inside that folder. You do have the ability to override security on a lower level folder of item.

At this point, the security of your SSRS server is entirely up to you. You can create different folders for each department and assign only employees in that department with access to that folder. Within each department folder, I like to create an additional folder for sensitive reports and further lock that folder down to the appropriate users. Take some time and really plan out how your reports will be placed on the server and how you want the security to look. Using SSRS there is no reason that all your reports, regardless of sensitivity can’t be stored in a single report server.

Copyright 2000  by TechTarget.com, 117 Kendrick Street, Suite 800, Needham, MA 02494. Reprinted by permission of TechTarget.com.

Digg It

Just want to let everyone know that I have received my SQL Server MVP award. Over the past year I have done a fair bit of writing and speaking as well as running the Colorado Springs SQL Server Users Group. I look forward to continuing my work with the SQL Server community in the coming years.

Eric 

Digg It

Josh and I have been hard at work on Architecting Database Models for SQL Server (Addison-Wesley). With the release of this title coming so close to SQL Server 2008, we have deceided to update the book to contain all the new peices that will be relavent to 2008 and data modeling. Look for coverage of the following features:

• New Datatypes
• Spatial Databases
• Entity Data Platform
• New T-SQL Syntax
• and more....

We want to give you a complete look at database modeling in SQL Server, so that means waiting just a little while to get the book into your hands. Look for it in the Summer of 2008.

Eric

Digg It