SQLAuthority News – SQL Server 2008 R2 Update for Developers Training Kit (March 2010 Update)

Note: Download SQL Server 2008 R2 Update for Developers Training Kit (March 2010 Update) Authored by Microsoft

SQL Server 2008 R2 offers an impressive array of capabilities for developers that build upon key innovations introduced in SQL Server 2008. The SQL Server 2008 R2 Update for Developers Training Kit is ideal for developers who want to understand how to take advantage of the key improvements introduced in SQL Server 2008 and SQL Server 2008 R2 in their applications, as well as for developers who are new to SQL Server. The training kit is brought to you by Microsoft Developer and Platform Evangelism.

The training kit is designed for the following technical roles:

  • Developers who build applications for the Microsoft platform.
  • Microsoft evangelists, technical specialists and consultants.

Download SQL Server 2008 R2 Update for Developers Training Kit (March 2010 Update)

Abstract courtesy Microsoft

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQLAuthority News – Office 2010 Readiness Check – Are you ready for Office 2010?

PowerPivot for Excel is a data analysis tool that delivers unmatched computational power directly within the application users already know and love—Microsoft Excel. Office 2010 is the next version of Office 2010. We all know Office 2010 is on the verge of getting released and the reviews available online say that it’s a phenomenal product.

My friend Vijay Raj has written excellent article on Office 2010 Readiness Check. Vijay is a Microsoft MVP, focusing on Application Setup and Deployment. He is also a Springboard Series Technical Expert Panel member for Windows 7.  He is one among the core team members at BDotnet and BITPro User Groups. Apart from being passionate about Technology evangelism, he loves music. He is also a big fan of Mark Russinovich, A R Rahman and Sachin. He blogs at http://www.msigeek.com.

Let us read the piece he sent for SQLAuthority.com readers to aid them with Office 2010 Readiness Check

Are you ready for Office 2010? It may look simple for an end-user, but when you look it from an enterprise perspective, there are lots of things which need to be considered before the migration and Compatibility stands out to be one big stop point. Compatibility issues may cover everything right from your environment till the addins which you develop.

Microsoft has released 2 tools (Office Environment scanning tool (OEAT) and Compatibility Inspector) which will exactly help you address this concern.

Office Environment scanning tool (OEAT)

This a comprehensive tool which (along with documentation) assists a customer in the assessment phase of deployment. It identifies the currently installed applications and installation environment, add-ins currently in use by Office clients, programs that are not registered as add-ins but still interact with Office programs, provides a report on the Environmental assessment (potential upgrade issues) and also reports the Add-ins assessment–list of third party programs and information about the compatibility of those programs with Microsoft Office 2010.

Read this article to know more on how you can use the Office Environment scanning tool (OEAT)
(http://www.msigeek.com/2007/want-to-install-office-2010-use-this-assesment-tool-oeat)

Microsoft Office 2010 Compatibility Inspector

This tool compares existing code against the Office 2010 object model by using a text search for known properties and methods that have changed. It includes a basic scanner where definitions and remediation links are updated from a central online location. It also generates a summary report and a details report. The summary includes the total lines of code scanned as well as total lines identified as potential candidates for object model changes. The details report includes the module name, line number, and links to remediation for each identified issue along with color-coded flags for impact guidance. You can run the tool against specific projects. This tool is available as an addins for both Office and Visual Studio.

Read this article to know more on how you can use the Compatibility Inspector (http://www.msigeek.com/2821/fixing-code-compatibility-issues-with-office-2010-compatibility-inspector)

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQLAuthority News – Links to Book On Line – Data Mining Algorithms (Analysis Services – Data Mining)

I have quite often received request for the Data Mining Algorithms details. Book Online has wonderful resources for the same. I suggest to read them here.

Data Mining Algorithms (Analysis Services – Data Mining)

The data mining algorithm is the mechanism that creates a data mining model. To create a model, an algorithm first analyzes a set of data and looks for specific patterns and trends. The algorithm uses the results of this analysis to define the parameters of the mining model. These parameters are then applied across the entire data set to extract actionable patterns and detailed statistics.

Read more here.

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQLAuthority News – Webcasts – Resources for IT Managers and their Teams

Pinal Dave and Jacob Sebastian are both SQL Server MVP are doing webcasts for IT Managers and their Teams.

Join us for a 4 series webcast as follows:

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQLAuthority News – TechDays Session at Infosys Mysore 2009 – Change Data Capture and PowerPivot

It has been a great pleasure to visit Infosys Mysore for an MSDN session. I had previously visited Infosys Bangalore for Technical session. Please read the details of earlier visit SQLAuthority News – Notes from TechDays 2009 at Infosys, Bangalore. This event was held on Dec 10, 2009.

I have been recently presenting the subject of Change Data Capture; it has been great fun as it is a very interesting subject that really captures your attention. It was a well-received session that lasted for nearly 1.5 hours instead of regular 30 min. The smart crowd at Infosys received the subject very well. They also interacted by asking all sorts of question on the subject. Notably, the attendees seemed to understand the subject and they also participated with me. This event was held on Dec 10th, 2009.

Pinal at Infosys Mysore

Session 1: The History of Log – Change Data Capture (CDC)

Abstract: Learn to capture the history of data using CDC. An age-old method of writing queries and triggers to capture change in database table is replaced with a considerably powerful asynchronous method of change data capture (CDC). All attendees will learn how to configure CDC in less than 60 seconds.

If you are interested to read more about CDC, please download CDC script from here.

Pinal at Infosys Mysore

The infrastructure at Infosys is very advanced. The hall, in which I presented the session, had a seating capacity of nearly 1100 people.

Pinal at Infosys Mysore

You can clearly see that it is very interesting to present a session in front of large screen projection. Whatever you see on the screen appears enlarged, but it is very clear to audience.

Partial Audience

Session 2: PowerPivot Self-Service Business Intelligence in Excel 2010

Abstract: You most likely have already heard of PowerPivot, the ground-breaking new BI technology shipping in Microsoft SQL Server 2008 R2. In this session, we introduce PowerPivot for both analysts and IT in the context of Self Service BI. We look at the client capabilities of PowerPivot for Microsoft Office Excel power users, the collaboration features for teams, and the important IT tools for compliance and effective administration.

Excellent SQL Expert – L Srividya (Microsoft)

It was my pleasure to meet one of the Microsoft evangelist and very known SQL Expert L Srividya. She had the skills to keep the audience entertained as well as educated. She one of those professionals who know SQL inside out. She almost knew all the answers of the questions asked. She even had a good insight of subject and also helped me to solve few problems during the session. She also held a demo extravaganza that entertained people so much that they would not leave the session hall, even after the end of the session. In short, she was successful in capturing the attention of the crowd here.

Infosys Mysore – Multiplex

The session hall which had very large screen and 1100 attendees capacity is known as multiplex and above photo is just outside the session hall.

Infosys Mysore – Vidhansabha

During my sessions at Infosys, I had great time to go around and see campus. Infosys Mysore campus is really huge and very artistically decorated. I was amazed with its infrastructure and size. Infosys’ Chairman and Chief Mentor M.R. Narayana Murthy has described the training centre, which is located 140 km off from India’s Silicon Valley, Bangalore, as the biggest corporate training facility in the world. “We are setting up the biggest corporate training facility in the world with 2,000 rooms that can house 4,000 people on a twin sharing basis.”

It was my great pleasure and I would like to express my special thanks to Microsoft for arranging this huge successful event at Infosys, Mysore.

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQLAuthority News – Migrating DTS Packages to Integration Services

Migrating DTS Packages to Integration Services
Writer: Brian Knight
Published: July 2008

SQL Server Integration Services (SSIS) brings a revolutionary concept of enterprise-class ETL to the masses. The engine is robust enough to handle hundreds of millions of rows with ease, but is simple enough to let both developers and DBAs engineer an ETL process. In this whitepaper, you will see the benefits of migrating your SQL Server 2000 Data Transformation Services (DTS) packages to Integration Services by using two proven methods. You will also see how you can run and manage your current DTS packages inside of the SQL Server 2005 and 2008 management tools.

Ready white paper Migrating DTS Packages to Integration Services

Abstract &  courtesy : Microsoft

Reference: Pinal Dave (http://blog.SQLAuthority.com)

SQL SERVER – Differences in Vulnerability between Oracle and SQL Server

In the IT world, but not among experienced DBAs, there has been a long-standing myth that the Oracle database platform is more stable and more secure than SQL Server from Microsoft. This is due to a variety of reasons; but in my opinion, the main ones are listed below:

A. Microsoft development platforms are generally more error-prone and full of bugs.

This (unfairly) projects the weaknesses of earlier versions of Windows onto its other products such as SQL Server, which is a very stable and secure platform in its own right.

B. Oracle has been around for longer than SQL Server and must therefore be more stable and secure.

Well, this does not count for anything. Being around longer does not mean that you are necessarily wiser. Need more proof? – look at General Motors.

Let us look at the comparisons between Oracle’s DB platform and SQL Server:

Number of reported vulnerabilities for per product

In my opinion, this is the most basic test for stability and security – the number of errors and bugs reported for a product is roughly proportional to its security and stability. Note that this number is usually compiled by independent information-security companies; so, there is no question of “hiding the numbers.”

In this regard, Oracle fares poorly as compared with SQL Server. Oracle Corporation releases an amazingly large number of patches and Critical Patch Updates (CPUs) for its DB platform. To be fair, following are some of the arguments that support Oracle DB (together with answers for those same arguments):

Oracle runs on several platforms, while SQL Server only runs on Windows

Answer: No, the patches and bugs reported are almost all cross-platforms, which implies that they are OS-independent.

Oracle DB also includes several other components, so we are not comparing like with like

Answer: Here, I considered only the database server components. This implies that any problem arising from components such as the Intelligent Agent or the Oracle Application Server has not been included.

Let us compare the Nov 2009 vulnerability reports of the both Oracle11g [1] and SQL Server 2008 [2].

Product Advisories Vulnerabilities
SQL Server 2008 0 0
Oracle11g 7 239

This is not only for the latest DB platforms: Oracle 11g and SQL Server 2008. No, if we take a historical perspective, Microsoft patched 59 vulnerabilities in its SQL Server 7 – 2000 and 2005 databases in the past 6 years, while for the same period Oracle issued 233 patches for software flaws in its Oracle 8, 9 and 10g databases. Moreover, in 2006, Microsoft SQL Server 2000 with Service Pack 4 was ranked as the most secure database in the market together with the PostgreSQL open source project. Oracle10g was placed at the very bottom of the same list.

DBAs are wary and tired of patching the Oracle DB

A survey conducted in January 2008 [3] showed that two-thirds of Oracle DBA’s do not apply security patches. The underlying cause of this is that Oracle Corporation releases a huge number of patches and fixes for various bugs, which itself leads to this secondary problem. There is a lot of fatigue and effort involved in tracking, testing and installing several patch releases every year. In 2009 alone, Oracle released 33 patches for its DB.

However, I am not at all suggesting that Oracle DBAs are lazy or do not take database security seriously. The main reason why many DBAs are very wary of patching Oracle databases is the complexity involved. First, note that patch testing, and also CPU testing is a long and intensive process. Because of the large numbers of bug fixes and CPUs released by Oracle, many application vendors whose products run on an Oracle DB simply do not have the time to test a patch, or as soon as they do so, another one is released. This, in turn, implies that if their clients risk installing unapproved patches, then the vendor can rightfully refuse to support them in case that patch then causes an error in the application.

Slavik Markovich, the Chief Technology Officer of database vendor Sentrigo Inc, said at a conference:  “To apply the CPU, you need to change the binaries of the database. You change the database behavior in some ways that may affect application performance. So applying security patches to a database typically involves testing them against the applications that feed off the database. This is a very long and very hard process to do, especially if you are in enterprises with a large number of databases and applications. Applying these patches means months of labor and sometimes significant downtime, both of which most companies can’t afford.”

Microsoft has a working system of patch testing and rollout, whereas Oracle does not have such a system

Trustworthy Computing is a Microsoft tool that proactively identifies and allows you to install missing patches. When Microsoft launched this initiative, many people did not take it seriously. But now it has proven to be a lifesaver for many busy DBAs and system administrators who simply do not have the time to worry about installing patches. Oracle does NOT have an equivalent tool.

Also, Oracle also does not make life easier for companies who want to keep their databases secure, making it complex to download and install patches. With SQL Server, you can schedule automatic installation of updates and patches. Moreover, if it causes an undesired effect on your application, you can simply uninstall it, leaving the database at it was prior to the update. This is somewhat similar to the System Restore feature of Windows. With Oracle DB, both the installation and removal of patches are complex events that are not easy to do and undo, except for a seasoned DBA.

However, the single most crucial factor in Microsoft’s DB-security-management success is its Security Development Lifecycle (SDL). The use of SDL [4] implies that knowledge obtained after resolving the problems is never lost; instead it is ploughed back into the cycle. Therefore, instead of repeating the same mistakes every time, you can at least ensure that the new code is more secure than the old code, even though it is not completely secure. For instance, the mistakes that were committed and resolved while developing SQL Server 2005 were not repeated during the development of SQL Server 2008. However, there is one issue that bothers developers and DBAs who use Oracle DB: they come across the same mistakes in every version used by them. Eventually, when one problem is resolved, many a time the results are not problem-free and in turn, a new error or problem is created – overall, there is no consistent and reliable problem-solving technique for correcting bugs and fixes. In fact, database consultant Karel Miko estimates that Oracle Corp. is about 5 years behind Microsoft in patch management.

Summary

I hope this article helps to debunk the myth that SQL Server is a less stable and less reliable platform than Oracle DB. As many researchers and security consultancy firms worldwide have pointed out, SQL Server is consistently more secure and much less prone to errors and bugs than Oracle DB.

Sources:

[1] http://secunia.com/advisories/product/18050/?task=statistics_2009

[2] http://secunia.com/advisories/product/21744/?task=statistics_2009

[3]http://www.computerworld.com/s/article/9057226/Update_Two_thirds_of_Oracle_DBAs_don_t_apply_security_patches

[4] http://www.infoworld.com/d/security-central/database-expert-oracle-trails-microsoft-patch-management-166

Reference : Pinal Dave (http://blog.SQLAuthority.com)