Made it to SQLPass conference this year, whew

I’m here at SQLPass conference in Texas, the preconference doesn’t look like it will be “rained out” as my was last year. I came in yesterday in the early evening. There was a little wind on the flight in but nothing major; the plane even arrived on schedule. I look forward to seeing everyone there. If you won’t […]

What’s that source code doin’ in there?

When I'd talk at Ascend about how Visual Studio auto-deploy of SQLCLR assemblies not only catalogs the assemblies and the PDB files to SQL Server 2005 but also the source files, folks would always ask "why the source files"? Today I found out; I'm surprised it escaped me for so long. In Visual Studio Server Explorer, if you've […]

Security in SQL Server 2005 – unsafe assemblies in Sept CTP

After writing about a lot of new security features that were added since we published our "First Look at SQL Server 2005 book" its nice to report on one that we had in there (at beta2), but never appeared in the product. Until now. In the September CTP version on SQL Server 2005 (I think […]

Security in SQL Server 2005 – “non-traditional” logins and users

This one's been around for a while, but don't think we'd mentioned it in the book. In addition to Windows logins and SQL logins, you can have SQL logins mapped to a certificate or to an asymmetric key. Same with database users. One of the reasons you might want to do this is to implement […]

Security in SQL Server 2005 – execute as…with cookie

You’ve probably heard by now of the usage of the EXECUTE AS clause with procedural code. As in “CREATE PROCEDURE foo WITH EXECUTE AS OWNER”. But EXECUTE AS can also be used at a session level,like this: EXECUTE AS USER=’fred’ — some T-SQL here REVERT This is meant to replace the SETUSER verb because you […]

Blog reading and “continued here”

As a blog reader as well as blog writer, I’m disturbed by a trend that seems to be more commonplace lately, the “continued here” trend. I’ll bet you’ve seen it too. The blog entry is comprised of two sentences or so (or even worse, just a teaser line) followed by “continued here” (or “more at” […]

Security in SQL Server 2005 – unsetapprole

One of the things folks would always ask during the Ascend program was "anything new for application roles? do they support connection pooling yet?". Well, it the most recent CTP (June, July?) there is. You can unset application roles now in addition to setting them. To unset you need to create a cookie, using an […]

Security in SQL Server 2005 – Encryption

In July 2004, encryption built-ins and key management had just been introduced in SQL Server 2005. Now its old news. They'll be a good-sized section about it in the book revision. You're probably heard of: EncryptBy (Key/Certificate/PassPhrase) and DecryptBy (Key/Certificate/PassPhrase) But there's also the less well-known: SignByAsymKey/SignByCert VerifySignedByAsymKey/VerifySignedByCert HashBytes and also the aptly-named: DecryptByKeyAutoCert and […]

Security in SQL Server 2005 – Logins

While working on the new edition of our book for after RTM, I've been looking around for security features that I missed or that didn't exist when we wrote it (May 2004 and before). Here's one: In SQL Server 2005, you can DISABLE a LOGIN by using ALTER LOGIN. You can also change the name of […]

I’ll be at PDC…not

That’s the question that folks ask a lot lately. See you at PDC? It’s not that I wouldn’t *like* to go. It’s that there’s another 3-letter acronym in my life that week, OSF. No, that’s not the Open Software Foundation, it’s the Oregon Shakespeare Festival. Mary and I will be making our twice-yearly trek to Ashland to see […]

SQL Server 2005 mailer feature uses Service Broker

I’ve heard this around quite a bit lately, but I attend some conferences and follow a lot of newsgroups. If you haven’t heard: Database Mail (was also called SQLimail I beleive) the new SMTP mail service in SQL Server 2005 uses Service Broker as the underlying infrastructure. One of the reasons why is: scalibility – […]