Creating Dynamic Data Sources in SSRS

For my first blog post, I decided to write about a cool little project that came across my desk a few months ago. The request was to create a SSRS report that could be used to insert records to a database by supplying the user with dropdown parameter values from a list of tables. With a simple stored procedure, you can easily set up a report to insert records to a table, but there was an added requirement for the user to be able to select the site (database) that the values should come from. As the user needed to be able to select the site first, the rest of the parameters needed to be set up depending on which value they selected. You can set up the data sources dynamically using a couple different techniques, but I’ll explain how I approached it.

Continue reading Creating Dynamic Data Sources in SSRS

When is it the Right Time to Use the SSIS Lookup Task?

I have been working as a DBA for RDX (Remote DBA Experts) for a few years now. At this point in my career, I believe it’s time to start giving back to the SQL community. I have commonly seen many misunderstand how the Lookup task in SSIS actually works. The Lookup task does work as a join method. However, the Lookup task actually is going to pull back only the top matching record from the defined Lookup task in your SSIS package.

Continue reading When is it the Right Time to Use the SSIS Lookup Task?

Experts deem SQL injection a primary threat to database security

Fortinet, a network security firm, revealed that the single-password security model makes SQL injection one of the most serious cyber-security threats to monitor in 2013. In fact, a study conducted by Imperva determined that SQL injection is now tied with DDoS as the most popular topic in hacker forums. Simple passwords comprised of four or five-characters can be easily figured out with cloud-based cracking tools, and Fortinet predicts that as a result, multi-factor authentication will become essential.

Continue reading Experts deem SQL injection a primary threat to database security

Integration of Windows Server 2012, SQL Server 2012 produces results

One reason Microsoft products are so popular in corporate settings is because of their smooth integration with one another. This is especially true for Windows Server 2012 and SQL Server 2012, which can help companies improve performance levels and experience other benefits, according to SQL Server Pro’s Michael Otey.

Continue reading Integration of Windows Server 2012, SQL Server 2012 produces results

SQL injection attacks are the No. 1 danger to databases

Companies have a tough task on their hands regarding database security, and some threats are more dangerous than others. Dark Reading’s Adrian Lane recently explained that businesses should fear SQL injection incidents more than they do malware even though vendors will often say the latter is the bigger issue.

Continue reading SQL injection attacks are the No. 1 danger to databases

Managing the Number of VLFs in your Transaction Log

When I investigate a new SQL Server instance for the first time, I perform a number of standard checks to get a handle on the current health of the system. One of the checks I like to perform is a VLF count on each transaction log file associated with each database on the system.

Continue reading Managing the Number of VLFs in your Transaction Log

An Introduction to the SQL Server Default Trace

Many Database Administrators are aghast when they discover that SQL Server 2005 and above have a default trace that runs 24 hours a day, 7 days a week. Most of us are taught early on in our careers that extended tracing is something that should only occur on rare occasions. Before you rush out and disable the default trace across all of your SQL Servers, let’s take a moment to find out what it’s actually capturing for us.

Continue reading An Introduction to the SQL Server Default Trace