AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Active tables sql4/15/2023 ![]() If you were running such a script, you would likely want it on a member server with minimal services running which has a security profile similar to a DC. And chances are the DCs are locked down tighter than the server where SQL Server is running (for instance, only domain admins can remote desktop into a DC because they're the only ones with domain admin rights). Applies to: SQL Server 2016 (13.x) and later Azure SQL Database Azure SQL Managed Instance Temporal tables (also known as system-versioned temporal tables) are a database feature that brings built-in support for providing information about data stored in the table at any point in time, rather than only the data that is correct at the current moment in time. The fact of the matter is that unless you're running SBS, you shouldn't be running SQL Server on a DC. Because you get control of the server / the SQL Server and you've gotten the domain, or at least elevated credentials on the domain. You keep SQL Server running with minimal privileges, especially to update the domain. From a security perspective, the Principle of Least Privilege and the idea of Separation of Duties carried to a service account would suggest you don't run such an update from SQL Server. I see your points, but I would say that there are circumstances that negate or mitigate each of your points and whether this particular problem that the poster is posing is one of them, I can't know.Īll right, I'll bite on that. While it was technically supported, Exchange would never do it as efficiently as a regular file system or a document control system like SharePoint (which is extremely lightweight with respect to feature set in this category but still performs better than Exchange). It was like the idea of using Microsoft Exchange to store files. While GP doesnt have this functionality, SQL itself has a lot of ways to track things like this. ![]() SQL Server was intended to service as a database engine, so it's not really the right tool for the job, even though you might extend it some. Also, it's the general idea that this isn't what SQL Server was intended for. Once the download is completed, you should open whoisactive.sql file using SQL Server Management Studio and execute the script. Also, by doing so, you're making the solution more portable, meaning you could put it on a utility server and move it around as needed as opposed to installing something custom into SQL Server. Also, it means you can put in more extensive error handling, decision trees, etc., in to an application if it queries SQL Server for the information and then makes a determination of what needs to be updated, etc., within the application. Because you're consuming memory and resources intended for the SQL Server process, 1, and 2, it means your SQL Server service account doesn't have to have special privileges within the domain (because that's what it execute in the context of).
0 Comments
Read More
Leave a Reply. |