ProblemIn this tip we look at the steps within SQL Server you need to follow if you change the physical server name for a standalone SQL Server.
Solution
http://www.mssqltips.com/sqlservertip/2525/steps-to-change-the-server-name-for-a-sql-server-machine/
Question: Recently I got a question regarding Transparent Data Encryption (TDE) and how it works.
Answer:Microsoft has introduced a new feature TDE (Transparent Data Encryption) from SQL Server 2008. TDE provides real time encryption of data and log files. Data is encrypted before it is written to disk; data is decrypted when it is read from disk.
Main benefit of TDE is that it does not require any changes into existing application. TDE encrypt data using AES and 3DES encryption algorithms without having to change the applications that will be connecting to the database.
With TDE backup files and database files are encrypted and no one can access it without key.
Follow below 4 steps to implement the TDE on the particular database.
• Create a master key
• Create or obtain a certificate protected by the master key
• Create a database encryption key and protect it by the certificate
• Set the database to use encryption
Create a Master Key A master key is a symmetric key that is used to create certificates and asymmetric keys. You can create the Master Key using below script
--create a master key USE master GO CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'P@ssw0rd'
Now next step is you have to create the server-based certificate which will be used to encrypt the database. You can create the certificate using below query.
--create a ceritificate USE master; CREATE CERTIFICATE sql_tdeDBcert WITH SUBJECT = 'TDE Certificate for SQL_tde database' GO
Here, I am creating sample database using below script, if you have already any test database you can use it.
--script to create a database
create database sql_tde
use sql_tde
go
--script to create sample table
create table fnInfo
(
Id int primary key identity(1,1),
CCNo varchar(16) constraint UK1 Unique,
Name varchar(20)
)
--enter the sample data
insert into fnInfo values ('456333125','Jugal')
insert into fnInfo values ('1234568484','Sunil')
insert into fnInfo values ('1234789254','Chintan')
select * from fnInfo
Create a Database Encryption Key A database encryption key is required for TDE. Here we will set the encryption for the database by creating a database encryption key and password using the certificate we created in the above step.
use sql_tde GO create database encryption key with algorithm = AES_128 encryption by server certificate sql_tdeDBcert
Now we will check for the backup scenario, whether we are able to restore it without key or not. I have executed below backup script to take the database backup.
----backup database backup database sql_tde to disk = 'c:\sql_tde.bak'
Now I am restoring the database backup on the different machine without key and certificate.
----backup database restore database sql_tde from disk = 'c:\sql_tde.bak'
Restore command is failed with the below error on the differnet machine.
Starting up database 'sql_tde'. Error: 3283, Severity: 16, State: 1. The file "sql_tde_log" failed to initialize correctly. Examine the error logs for more details.
To restore the encrypted database backup on different SQL Server instance we have to export the certificate created on the SQL instance on which the encrypted database backup was created.
You can export or transfer the certificate to a file. Use the below query for it.
USE master GO BACKUP CERTIFICATE sql_tdeDBcert TO FILE = 'C:\sql_tdeDBcert_cert.cer' WITH PRIVATE KEY (FILE = 'C:\sql_tdeDBcert_key.pvk' , ENCRYPTION BY PASSWORD = 'P@ssw0rd' ) GO
Now move the files to destination server and import the certificate using below command. Please note that the password specified here in the DECRYPTION BY PASSWORD parameter is the same as that which used to export the certificate to a file.
CREATE CERTIFICATE sql_tdeDBcert FROM FILE = 'C:\sql_tdeDBcert_cert.cer' WITH PRIVATE KEY (FILE = 'C:\sql_tdeDBcert_key.pvk', DECRYPTION BY PASSWORD = 'P@ssw0rd'); GO
You can restore the database now using below query.
----backup database restore database sql_tde from disk = 'c:\sql_tde.bak'
Problem: Often we would like to check how much size backup file will take on the disk? You can follow below simple steps to estimate the backup file size?
Solution:
Execute the SP_SPACEUSED procedure to get the database size statistics.
USE [sqldbpool]
GO
EXEC sp_spaceused @updateusage = ‘true’
Now you have to subtract the ununsed pages from reserved pages and divided by 1024 to get the output in MB.
In our scenario we have 2592 (KB) – 96 (KB) = 2496/1024 = 2.4374(MB) will be the backup size.
DAC: Dedicated Administrator Connection feature is available from the SQL Server 2005. It is available in all the higher editions by default except express edition. DAC will be useful when SQL Server is not responding any connections; in such kind of situation DBA will connect through the DAC and troubleshoot/fix the issue.
You can execute below kind of command for the initial troubleshooting.
-- Locking Info SELECT * FROM sys.dm_tran_locks GO -- Running Sessions SELECT * FROM sys.dm_exec_sessions GO -- Requests Status SELECT * FROM sys.dm_exec_requests GO --Open Sessions SP_WHO2 --To get the SQL Text DBCC OPENTRAN (SPID) --To terminate the curlprit process KILL SPID
DAC is disabled by default, it is a good practice to enable the DAC. You can enable the DAC using by executing below query.
Use master GO --0 = Allow Local Connection, --1 = Allow Remote Connections*/ sp_configure 'remote admin connections', 1 GO RECONFIGURE GO
You can connect using DAC on of the following method.
Command Prompt
SQL Server Management Studio
Using Command Prompt: Use SQLCMD utility to connect to SQL Server as below.
-A argument is to specify the DAC connection.
-S argument is to specify the server name.
-d argument is to specify the database name.
-E argument is for windows connection with integrated security true
Using Management Studio: Write ADMIN: before the server name in management studio connection window. It will give you the DAC connection.
To enable the DAC connection in SQL Server express edition add ;-T7806 trace flag as startup parameter.
Go into configuration manager — right click on SQL Server Service and select properties — go into advanced tab and add the trace flag ;-T7806. Once done restart the SQL Server Services.
Below are the most common reasons for the performance issues.
aiDeeva.com 