Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Take Advantage of Contained Databases in SQL Server 2012 Steve Jones SQLServerCentral Red Gate Software.

Published byColin Hodge Modified over 8 years ago

Similar presentations

Presentation on theme: "How to Take Advantage of Contained Databases in SQL Server 2012 Steve Jones SQLServerCentral Red Gate Software."— Presentation transcript:

1 How to Take Advantage of Contained Databases in SQL Server 2012 Steve Jones SQLServerCentral Red Gate Software

2 Agenda What is a contained database? Contained Databases in SQL Server 2012 Looking Forward

3

4

5 Instance DB1 tables, views procedures users Databases in SQL Server DB1 tables, views procedures users DB1 tables, views procedures users

6 Instance Other RDBMS Platforms DB1 tables, views procedures users Instance DB1 tables, views procedures users Instance DB1 tables, views procedures users

7 Instance DB1 tables, views procedures users Databases in SQL Server DB1 User tables, views procedures users Logins Linked Servers Jobs Packages/Plans

8 DB1 tables, views procedures Contained Databases Databases in SQL Server DB1 tables, views procedures Logins Linked Servers Jobs Packages

9 Moving Databases When do we move database? – Testing – DR – Hardware upgrades – Scalability – Azure

10 Virtualization Moving VMs

11 Azure

12 Contained Database A contained database is a concept in which a database includes all the settings and metadata required to define the database and has no configuration dependencies on the instance of the SQL Server Database Engine where the database is installed. From Partially Contained Databases

13 Terms Application Boundary (Database Boundary) Contained Uncontained Application Model (Database Model) Management Model

14 SQL Server 2012 Partially contained databases – Users authenticate inside the database – Collation resolution – Can include non-contained objects – No replication – No Change Tracking – No CDC – No file activity (Filestream/FileTable) – Various other restrictions (see BOL)

15 SQL Server 2012 Create CDB Demo

16 Security User with password – Authentication Type = 2 – Password complexity rules apply on create/alter Windows Principal – No login in master

17 Security

18 Contained Databases Security Demo – Users – certficates

19 Migration set partial containment migrate users

20 Collation Collation conflicts between a user database and tempdb are handled Collation set when the batch begins Collation Demo

21 Partial Containment Issues sys.dm_db_uncontained_entities – DMV to find objects that are not contained. sys.dm_db_uncontained_entities Cdb_uncontained_usage Event – Xevent fired when an uncontained entity is used. (run-time) Collation – determined at batch start time. Can cause issues if you have USE statements. Duplicate logins RAISERROR/THROW

22 Containment Security Issues ALTER ANY USER (db_owner or db_securityadmin) users can create users without the server admin’s knowledge Guest accounts break containment. Contained users can exploit this. Sysadmin – never use initial catalog, always use server level authentication.

23 Containment Security Issues Dbcreator role – Can change containment status (possible users created without knowledge) Attaching databases does not check user passwords. Passwords stored in the CDB (dictionary attack issues)

24 The Future What might be coming – Linked servers – Service Broker – Maintenance Plans – Jobs – ?

25 The End Questions? Don’t forget to fill out your evaluations Resources at the end of the PPT www.sqlservercentral.com/forums www.voiceofthedba.com/talks/ www.voiceofthedba.com Enjoy DevConnections

26 References Partially Contained Databases - http://technet.microsoft.com/en- us/library/ff929071%28v=SQL.110%29.aspxhttp://technet.microsoft.com/en- us/library/ff929071%28v=SQL.110%29.aspx Threats Against Contained Databases - http://msdn.microsoft.com/en- us/library/ff929055%28v=sql.110%29.aspx sys.dm_db_uncontained_entities Contained Databases overview - http://sqlblog.com/blogs/aaron_bertrand/archive/2010/11/16/sql-server-v-next- denali-contained-databases.aspx http://sqlblog.com/blogs/aaron_bertrand/archive/2010/11/16/sql-server-v-next- denali-contained-databases.aspx Database Shuffle - http://blogs.msdn.com/b/isaac/archive/2011/04/20/the-database- shuffle.aspxhttp://blogs.msdn.com/b/isaac/archive/2011/04/20/the-database- shuffle.aspx Collation Hell -http://blogs.msdn.com/b/isaac/archive/2011/05/05/collation- hell.aspx Features within the Application Model - http://msdn.microsoft.com/en- us/library/ff929188%28v=SQL.110%29.aspxhttp://msdn.microsoft.com/en- us/library/ff929188%28v=SQL.110%29.aspx

27 References Features Outside of the Application Model - http://msdn.microsoft.com/en- us/library/ff929118(v=sql.110).aspxhttp://msdn.microsoft.com/en- us/library/ff929118(v=sql.110).aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/03/contained-database- authentication-introduction.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/03/contained-database- authentication-introduction.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/08/contained-database- authentication-in-depth.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/08/contained-database- authentication-in-depth.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/04/contained-database- authentication-monitoring-and-controlling-contained-users.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/04/contained-database- authentication-monitoring-and-controlling-contained-users.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/06/contained-database- authentication-how-to-control-which-databases-are-allowed-to-authenticate-users- using-logon-triggers.aspx http://blogs.msdn.com/b/sqlsecurity/archive/2010/12/06/contained-database- authentication-how-to-control-which-databases-are-allowed-to-authenticate-users- using-logon-triggers.aspx Azure - http://social.technet.microsoft.com/wiki/cfs- file.ashx/__key/communityserver-wikis-components-files/00-00-00-00- 05/2671.figure1.jpg

28 Images Sword - http://www.flickr.com/photos/8765199@N07/2639252064/http://www.flickr.com/photos/8765199@N07/2639252064/ Knife - http://www.flickr.com/photos/marxfoods/3555089558/http://www.flickr.com/photos/marxfoods/3555089558/ Login Logic - http://blogs.msdn.com/resized- image.ashx/__size/550x0/__key/CommunityServer-Blogs-Components- WeblogFiles/00-00-00-92-93/8130.alg.jpghttp://blogs.msdn.com/resized- image.ashx/__size/550x0/__key/CommunityServer-Blogs-Components- WeblogFiles/00-00-00-92-93/8130.alg.jpg vMotion - http://www.atlantavdi.com/wp-content/uploads/2010/10/vmotion1.gifhttp://www.atlantavdi.com/wp-content/uploads/2010/10/vmotion1.gif

Download ppt "How to Take Advantage of Contained Databases in SQL Server 2012 Steve Jones SQLServerCentral Red Gate Software."

Similar presentations

Advantage Data Dictionary. agenda Creating and Managing Data Dictionaries –Tables, Indexes, Fields, and Triggers –Defining Referential Integrity –Defining.

Advantage Data Dictionary. agenda Creating and Managing Data Dictionaries –Tables, Indexes, Fields, and Triggers –Defining Referential Integrity –Defining.
Chapter 9 Security. Endpoints  A SQL Server endpoint is the point of entering into SQL Server.  It is implemented as a database object that defines.

Chapter 9 Security. Endpoints  A SQL Server endpoint is the point of entering into SQL Server.  It is implemented as a database object that defines.
Backup The flip side of recovery. Types of Failures Transaction failure –Transaction must be aborted System failure –Hardware or software problem resulting.

Backup The flip side of recovery. Types of Failures Transaction failure –Transaction must be aborted System failure –Hardware or software problem resulting.
BUSINESS DRIVEN TECHNOLOGY

BUSINESS DRIVEN TECHNOLOGY
Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.

Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.
Agenda Model migration vs MDS upgrade Model migration overview Model migration – how does it work? Model package Demo.

Agenda Model migration vs MDS upgrade Model migration overview Model migration – how does it work? Model package Demo.
AGENDA Tools used in SQL Server 2000 Graphical BOL Enterprise Manager Service Manager CLI Query Analyzer OSQL BCP.

AGENDA Tools used in SQL Server 2000 Graphical BOL Enterprise Manager Service Manager CLI Query Analyzer OSQL BCP.
How to Manage Unstructured SQL Server Data Steve Jones SQLServerCentral Red Gate Software.

How to Manage Unstructured SQL Server Data Steve Jones SQLServerCentral Red Gate Software.
Sql Server Advanced Features MIS 424 Professor Sandvig.

Sql Server Advanced Features MIS 424 Professor Sandvig.
Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.

Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.
D ATABASE A DMINISTRATION ITEC 450 Fall 2012 Instructor: Dr. Rama Gudhe.

D ATABASE A DMINISTRATION ITEC 450 Fall 2012 Instructor: Dr. Rama Gudhe.
1 Chapter Overview Creating a User Database Setting Database Options Managing User Database Size Placing Database Files on Multiple Disks.

1 Chapter Overview Creating a User Database Setting Database Options Managing User Database Size Placing Database Files on Multiple Disks.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Microsoft SQL Server 2008 Installation Guide Omer Alrwais.

Microsoft SQL Server 2008 Installation Guide Omer Alrwais.
Migrating Business Apps to Windows Azure Marc Müller Principal Consultant, 4tecture GmbH

Migrating Business Apps to Windows Azure Marc Müller Principal Consultant, 4tecture GmbH
Today’s Objectives Chapters 10 and 11 Security in SQL Server –Manage server logins and database users. –Manage server-level, database-level, and application.

Today’s Objectives Chapters 10 and 11 Security in SQL Server –Manage server logins and database users. –Manage server-level, database-level, and application.
Virtual techdays INDIA │ 18-20 august 2010 SQL Azure – Tips and Tricks Ramaprasanna Chellamuthu │ Developer Evangelist, Microsoft.

Virtual techdays INDIA │ august 2010 SQL Azure – Tips and Tricks Ramaprasanna Chellamuthu │ Developer Evangelist, Microsoft.
Windows Azure Conference 2014 Deploy your Java workloads on Windows Azure.

Windows Azure Conference 2014 Deploy your Java workloads on Windows Azure.
Course Topics Administering SQL Server 2012 Jump Start 01 | Install and Configure SQL Server04 | Manage Data 02 | Maintain Instances and Databases05 |

Course Topics Administering SQL Server 2012 Jump Start 01 | Install and Configure SQL Server04 | Manage Data 02 | Maintain Instances and Databases05 |
Security David Frommer Principal Architect Business Intelligence Microsoft Partner of the Year 2005 & 2007.

Security David Frommer Principal Architect Business Intelligence Microsoft Partner of the Year 2005 & 2007.

Similar presentations

Ads by Google