A Technical Overview of Microsoft® SQL Server™ 2005 Beta 2 Matthew Stephen IT Pro Evangelist (SQL Server) http://blogs.technet.com/mat_stephen
What We Will Cover Manageability enhancements Security enhancements Availability enhancements
Agenda Introduction Manageability Security Availability
Introduction SQL Server 2005 Data Platform
Introduction Empowering Productivity
Enterprise Data Management: High availability for enterprise applications; Security enhancements; Focus on manageability, self optimization
Developer Productivity: Integration with Visual Studio® and .NET; Native XML technology; Interoperability: open standards, Web services
Business Intelligence: Comprehensive ETL solution; Real-time decision making: reporting, data mining; Scalability and availability enhancements
Secure, reliable, and productive database platform for line-of-business and analytical applications
Manageability Tools New: SQL Server Management Studio New rich GUI Integrated authoring, management Supports all SQL Server components Replaces Enterprise Manager, Query Analyzer Can manage multiple servers
Manageability Management Studio Object Explorer Create databases and data sources Control privileges and permissions Configure replication Manage SQL Server Agent
Manageability SQLCMD Command-line tool for executing T-SQL statements and scripts Replaces osql Uses OLE DB (not ODBC or DB-Library) Has a dedicated administrator connection
Manageability SQLiMail: Uses SMTP, not Extended MAPI; Profiles; Secure – Profiles enable specification of users with access to SQLiMail profile; Integrated management within SQL Server; Failover – can point to multiple SMTP servers from one profile for ensured mail delivery; Service Broker used to deliver messages to avoid blocking a stored procedure; Execute sendimail_sp
Manageability Tuning Tools: XML Show Plan (Publicly available Schema; Programmatic access; Portability). Database Tuning Advisor (Time bound tuning; What-if analysis; Scalability)
Manageability Diagnostic Tools: Dynamic Management Views (Server transparency; “sys.memory_clerks”; “sys.schedulers”). SQL Profiler (Integrated with Performance Monitor; Deadlock graph). Integrated Event Logs
Security Feature Enhancements: Auditing (DDL triggers; Events). Authorization Enhancements (User schema separation; Module execution context; Catalog security; Granular permission control). Encryption enhancements
Security User-Schema Separation New DDL for user and schemas CREATE/ALTER/DROP for USER, ROLE, and SCHEMA Dropping user does not require application rewrite
Security DROP USER => Application Rewrite
OrdersTable and InsertOrderProc before: Owning user = User1, SCHEMA = User1. After: Owning user = User2, SCHEMA = User2.
App1: SELECT custID FROM User1.OrdersTable. App1 modified: SELECT custID FROM User2.OrdersTable
App2: Exec User1.InsertOrderProc (@orderid). App2 modified: Exec User2.InsertOrderProc (@orderid)
Security Solution: User-Schema Separation [Diagram: Database Object (Table, View, Stored Proc, Function) is contained in a Schema; the Schema is owned by a User (User, User 2)] Drop user does NOT require application change!
Security User-Schema Separation: Each schema has an owning principal – user or role; Each user has a default schema for name resolution; Object creation inside schema requires CREATE permission and ALTER or CONTROL permission on the schema. Example: Creation of table in schema requires CREATE TABLE permission and ownership of schema or ALTER or CONTROL on schema. [Diagram: a Database with Approle1, User1 and Role1; arrows labelled "Has default schema" and "Owns"; Schema1, Schema2 and Schema3 containing SP1, Fn1 and Tab1]
Security Execution Context
SQL Server 2000: User 3 calls User2.Proc1, which reads User1.T1: Execute Perms checked for User3; Select Perms checked for User3. User 3 calls User1.Proc1, which reads User1.T1: Execute Perms checked for User3; NO Perms checked for User3.
SQL Server 2005: User 3 calls User2.Proc1 with ‘Execute AS ‘X’ ’, which reads User1.T1: Execute Perms checked for User3; Select Perms checked for ‘X’. Not for user3
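The user-schema separation slides above, worked through as an added T-SQL example (not part of the original deck). It is written against the syntax of released SQL Server 2005, which Beta 2 may not match exactly; the Orders schema, the logins and the passwords are constructed for illustration.

```sql
-- All names and passwords below are constructed placeholders.
CREATE LOGIN User1Login WITH PASSWORD = N'Placeholder#Passw0rd1';
CREATE LOGIN User2Login WITH PASSWORD = N'Placeholder#Passw0rd2';
GO
CREATE USER User1 FOR LOGIN User1Login WITH DEFAULT_SCHEMA = Orders;
CREATE USER User2 FOR LOGIN User2Login WITH DEFAULT_SCHEMA = Orders;
GO
-- The schema is the container that applications name; User1 merely owns it.
CREATE SCHEMA Orders AUTHORIZATION User1;
GO
CREATE TABLE Orders.OrdersTable (orderID int PRIMARY KEY, custID int NOT NULL);
GO
CREATE PROCEDURE Orders.InsertOrderProc @orderid int, @custid int
AS
    INSERT INTO Orders.OrdersTable (orderID, custID) VALUES (@orderid, @custid);
GO
-- Creating objects in a schema you do not own needs both permissions:
GRANT CREATE TABLE TO User2;
GRANT ALTER ON SCHEMA::Orders TO User2;
GO
-- Application statements reference the schema, never the owning user.
EXEC Orders.InsertOrderProc @orderid = 1, @custid = 42;
SELECT custID FROM Orders.OrdersTable;
GO
-- User1 leaves. DROP USER is refused while User1 still owns the schema,
-- so ownership is transferred first; no object is renamed.
ALTER AUTHORIZATION ON SCHEMA::Orders TO User2;
DROP USER User1;
GO
-- The same application statements still resolve after the drop.
EXEC Orders.InsertOrderProc @orderid = 2, @custid = 43;
SELECT custID FROM Orders.OrdersTable;
```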
Security Module Execution Context: Execute AS CALLER; Execute AS “UserName”; Execute AS SELF; Execute AS OWNER
Key message: Module Execution Context allows you to change how a module is executed.
Speaker notes: With module execution context, you have more flexibility in executing statements. They can be executed as they were in SQL Server 2000, as the caller; this is the default behavior. But in addition, you can create a module and specify that it will be executed as a specified user. In this case, the user calling the code would need impersonation permission on the user specified. You can also specify that the module will execute as yourself. In other words, since you are specifying that there will be an execute as clause, it will always execute as you. This is useful when a variety of people and applications may be calling the module you have created. The last execution context is that the module will execute as the owner. This means that when the ownership changes, the context will be that of the new owner.
Transition: In addition to these security enhancements, there are new encryption and key management features.
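The SQL Server 2005 case from the Execution Context slide, as an added T-SQL example (not part of the original deck). It uses released SQL Server 2005 syntax; the schemas S1 and S2 and the two procedure names are constructed, while User1, User2, User3 and X follow the slide.

```sql
-- Run as dbo in a scratch database; all object names are constructed.
CREATE USER User1 WITHOUT LOGIN;
CREATE USER User2 WITHOUT LOGIN;
CREATE USER User3 WITHOUT LOGIN;
CREATE USER X WITHOUT LOGIN;
GO
CREATE SCHEMA S1 AUTHORIZATION User1;   -- User1 will own T1
GO
CREATE SCHEMA S2 AUTHORIZATION User2;   -- User2 will own the procedures
GO
CREATE TABLE S1.T1 (id int NOT NULL);
INSERT INTO S1.T1 (id) VALUES (1);
GRANT SELECT ON S1.T1 TO X;             -- X may read T1; User3 may not
GO
-- Different owners for procedure and table, so the ownership chain is
-- broken and SELECT permission on T1 is checked at run time.
CREATE PROCEDURE S2.Proc1_AsCaller WITH EXECUTE AS CALLER
AS SELECT USER_NAME() AS running_as, id FROM S1.T1;
GO
CREATE PROCEDURE S2.Proc1_AsX WITH EXECUTE AS 'X'
AS SELECT USER_NAME() AS running_as, id FROM S1.T1;
GO
GRANT EXECUTE ON S2.Proc1_AsCaller TO User3;
GRANT EXECUTE ON S2.Proc1_AsX TO User3;
GO
EXECUTE AS USER = 'User3';
EXEC S2.Proc1_AsX;        -- EXECUTE checked for User3, SELECT checked for X
EXEC S2.Proc1_AsCaller;   -- SELECT checked for User3: permission denied
REVERT;
```

Keeping the rights of X as narrow as the module needs limits what a caller with only EXECUTE permission can reach through it.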
Security Certificates Encryption enhancements Encryption uses symmetric keys, asymmetric keys and certificates SQL Server 2005 can generate certificates for encryption RC4, RSA, Triple-DES and AES encryption supported Encryption can be used with any level of SQL Server 2005 securable
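The key hierarchy named on this slide (a certificate protecting a symmetric key that encrypts column data), as an added T-SQL example that is not part of the original deck. It uses released SQL Server 2005 syntax; the table, key names, password and card number are constructed.

```sql
-- Constructed names and placeholder secrets throughout.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = N'Placeholder#MasterKey1';
GO
-- Certificate generated by SQL Server, protected by the database master key.
CREATE CERTIFICATE CustCert WITH SUBJECT = 'Customer card protection';
GO
-- AES symmetric key for the data, itself encrypted by the certificate.
CREATE SYMMETRIC KEY CustKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE CustCert;
GO
CREATE TABLE dbo.CustomerCards (
    custID        int PRIMARY KEY,
    cardNumberEnc varbinary(256) NOT NULL
);
GO
OPEN SYMMETRIC KEY CustKey DECRYPTION BY CERTIFICATE CustCert;

-- The authenticator binds each ciphertext to its row, so a value copied
-- into another customer's row no longer decrypts.
INSERT INTO dbo.CustomerCards (custID, cardNumberEnc)
VALUES (42, EncryptByKey(Key_GUID('CustKey'), N'0000-0000-0000-0000', 1,
                         HashBytes('SHA1', CONVERT(varbinary, 42))));

SELECT custID,
       CONVERT(nvarchar(32),
               DecryptByKey(cardNumberEnc, 1,
                            HashBytes('SHA1', CONVERT(varbinary, custID))))
           AS cardNumber
FROM dbo.CustomerCards;

CLOSE SYMMETRIC KEY CustKey;
```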
Availability Table Partitioning: SQL Server 2000 allowed partitioned views; SQL Server 2005 allows partitioned tables and indexes; Increases performance on multiprocessor machines; Eases management of data – data can be grouped logically; Data movement easier. Three steps: (1) Create the partition function; (2) Create the partition scheme; (3) Create the partitioned table
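The three partitioning steps from this slide, as an added T-SQL example (not part of the original deck) in released SQL Server 2005 syntax. The function, scheme, table and boundary dates are constructed, and every partition is mapped to the PRIMARY filegroup to keep the example self-contained.

```sql
-- Step 1: partition function, one boundary per year (constructed values).
-- RANGE RIGHT puts each boundary date into the partition on its right.
CREATE PARTITION FUNCTION pfOrderYear (datetime)
AS RANGE RIGHT FOR VALUES ('20030101', '20040101', '20050101');
GO
-- Step 2: partition scheme maps the four partitions to filegroups.
CREATE PARTITION SCHEME psOrderYear
AS PARTITION pfOrderYear ALL TO ([PRIMARY]);
GO
-- Step 3: the table is created on the scheme, keyed by the date column.
CREATE TABLE dbo.OrdersByYear (
    orderID   int      NOT NULL,
    orderDate datetime NOT NULL,
    custID    int      NOT NULL,
    CONSTRAINT PK_OrdersByYear PRIMARY KEY (orderID, orderDate)
) ON psOrderYear (orderDate);
GO
INSERT INTO dbo.OrdersByYear VALUES (1, '20021115', 42);
INSERT INTO dbo.OrdersByYear VALUES (2, '20030101', 42);
INSERT INTO dbo.OrdersByYear VALUES (3, '20040630', 43);
INSERT INTO dbo.OrdersByYear VALUES (4, '20050310', 44);
GO
-- Show which partition each row landed in.
SELECT $PARTITION.pfOrderYear(orderDate) AS partition_number,
       COUNT(*) AS row_count
FROM dbo.OrdersByYear
GROUP BY $PARTITION.pfOrderYear(orderDate)
ORDER BY partition_number;
```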
Availability Replication Changes Stand-alone Replication Monitor Merge performance and scalability improved 2-4x DDL on published objects supported seamlessly while replicating New peer-to-peer replication wizard
Availability Web Synchronization [Diagram: Merge replication Subscriber (-InternetUrl https://myserver.mydomain.com) connects through the Firewall to IIS (Replisapi.dll), which connects to the Publisher/Distributor]
Availability Other Maintenance Features: Dedicated Admin Connection (Access to Server when regular connections fail); Online page and file restore (Database remains online – only data being restored is unavailable); Fast recovery (Database is available when undo begins) [Diagram: Redo, then Undo; database marked Available]
Session Summary New integrated management tools Secure by design, by deployment, and by default Expanded and enhanced availability options
© 2003 Microsoft Corporation. All rights reserved.
Resources Microsoft SQL Team blogs http://www.sqljunkies.com/blogs Microsoft SQL Server community on the web www.sqlservercentral.com SQL Server Integration Services on the web www.sqlis.com SQL Server Developer Center http://msdn.microsoft.com/sql/ Microsoft SQL Server 2005 website http://www.microsoft.com/sql/2005/default.asp SQL Newsgroups http://www.microsoft.com/technet/community/newsgroups/server/sql.mspx SQL Server 2005 Datamining http://www.sqlserverdatamining.com/DMCommunity/