SQL Server Magazine UPDATE—brought to you by SQL Server Magazine
THIS ISSUE SPONSORED BY
Is Your SQL Server Data Center on Cruise Control?
Minasi/Thurrott Bringing Security Expertise!
Increase Server Uptime and Stability - Free
(below NEWS AND VIEWS)
SPONSOR: IS YOUR SQL SERVER DATA CENTER ON CRUISE CONTROL?
It can be with HP ProLiant Essentials... a portfolio of modular, flexible software tools that expand the capabilities of ProLiant servers. The ProLiant Essentials Foundation Pack contains the essential software needed to quickly and easily deploy a ProLiant server into a managed infrastructure. ProLiant Essentials Value Packs, optional software offerings, let you selectively extend and enhance the potential of your current IT infrastructure. Using Adaptive Infrastructure technologies, value packs facilitate an array of advanced provisioning, deployment, availability and management capabilities within your SQL Server environment. For more information, visit http://www.hp.com/servers/proliantessentials
October 3, 2002—In this issue:
- In-House Developers Share Software Bug Blame
2. SQL SERVER NEWS AND VIEWS
- Microsoft Releases SQL Server 2000 Security Update for SP 2
- Results of Previous Instant Poll: Developing with .NET
- New Instant Poll: CLR Languages
- More Sessions, Best Quality, Unbeatable Value!
4. HOT RELEASE (ADVERTISEMENT
- XML Web Services Connections Co-Locates with Windows & .NET Magazine LIVE!
- What's New in SQL Server Magazine: Client Tools for Analysis Services
- Hot Thread: Driver Not Capable
- Tip: Too Many Cooks Spoiling the Soup?
6. NEW AND IMPROVED
- Archive Data
- Compare and Synchronize Database Schemas
7. CONTACT US
- See this section for a list of ways to contact us.
(contributed by Brian Moran, news editor, firstname.lastname@example.org)
A few months ago, I took software vendors to the woodshed for their lack of quality control and for the excessive number of bugs that their software users must struggle with. I received a tremendous amount of feedback about this topic and shared many reader comments in this forum. (To read the original commentaries, see "Complacency Creates Vicious Cycle of Software Bugs," http://www.sqlmag.com/articles/index.cfm?articleid=26056http://www.sqlmag.com/Articles/Index.cfm?ArticleID=26264.) Granted, vendors deliver notoriously bug-filled software—but who are we to complain? Much of corporate America delivers worse. This excerpt from a reader's email message forced me to think about the quality issue from a broader perspective:
"I've been a developer for 35 years. Five years ago, I came on to a large-scale SQL Server project about 2 years after it began. I just read your latest email with reader responses concerning buggy software. This comes on an afternoon when I am walking through some of our code that has been in production for about 5 years. Talk about buggy!
"I'm looking at a 20-page SQL stored procedure that reformats and moves data from temporary tables into a production database. I haven't finished testing, but I can already see where the procedure potentially throws away data with no trace due to improperly written joins on lookup tables. Error checking and logging are nonexistent.
"I find I rarely have time to malign software vendors about their bugs. I'm too busy handling bugs in our own software. My complaint is with software project managers who are so intent on adding features and releasing new versions that we let our users suffer with the problems we do have some control over, just because we don't insist that our products be less buggy.
"Let's face it. In order to compete in the software industry, you have to have a \[powerhouse\] product just to survive. I dare say most in-house corporate developers wouldn't make it on the outside if they had to compete in the real world and develop shrink-wrapped software. We'd be better positioned to combat buggy software from vendors if we could deliver higher quality software ourselves."
I don't like to point out problems without suggesting solutions, but I'm at a loss to offer solutions for the types of problems the reader mentioned. I haven't worked in the industry for 35 years, as the reader has, but my 13 years in the consulting world have given me access to dozens of applications. My observations? Many internal development shops lack effective Quality Assurance (QA) processes and deliver applications that contain as many or more bugs as the products that commercial software vendors send to market. This deficiency is as true in the database world as it is in the application world. Everyone in the industry talks about the need for better QA, and most developers believe that their projects incorporate fail-safe QA processes. But when push comes to shove, QA is the first segment of a project that's cut when the project starts to slip behind schedule.
It seems that solving the QA problem should be easy, but it obviously isn't, or the problem of poor quality control wouldn't be as pervasive as it is. I'm sure that a QA professional could speak eloquently about potential solutions to this persistent problem within corporate IT shops. However, I'm not a QA guru. Still, I'd love your insights. From now on, I'm willing to cut vendors more slack about their QA problems—at least until we start doing a better job of instituting more effective QA policies in our own projects.
MINASI/THURROTT BRINGING SECURITY EXPERTISE!
Windows & .NET Magazine Network RoadShow 2002 is coming this October to New York, Chicago, Denver, and San Francisco! Industry experts Mark Minasi and Paul Thurrott will show you how to shore up your system's security and what desktop security features are planned for Microsoft .NET and beyond. The seminar is sponsored by NetIQ, Microsoft, and Trend Micro. Registration is free, but space is limited, so sign up now!
2. SQL SERVER NEWS AND VIEWS
Microsoft released SQL Server 2000 Security Update for Service Pack 2 (SP2). This security cumulative package includes a revocation of support for clients that send SQL Server 7.0 or later tabular data streams (TDS) in big-endian format, a revocation of public access on an extended stored procedure, a fix for the escalation-of-privileges vulnerability on certain stored procedures, and more. For complete information, see
The voting has closed in SQL Server Magazine's nonscientific Instant Poll for the question, "What types of production applications are you creating through the .NET Framework?" Here are the results (+/- 1 percent) from the 385 votes:
- 10% Windows-based Visual Basic .NET applications
- 7% Windows-based C# applications
- 1% Windows-based C++ applications
- 54% I'm not using .NET for my production applications
Sponsored by Quest Software
Download our free white paper, "Indexing Strategies for SQL Server," by SQL tuning expert Kevin Kline.
The next Instant Poll question is "Which CLR-compliant language will you use to write server-side code when Yukon is deployed?" Go to the SQL Server Magazine Web site and submit your vote for 1) Visual Basic .NET, 2) C#, 3) C++, 4) Other, or 5) None, we're sticking with T-SQL for server-side code.
SPONSOR: INCREASE SERVER UPTIME AND STABILITY - FREE
Diskeeper(R) Lite, the high-speed manual introduction to the popular automatic defragmenter Diskeeper 7.0, is available for immediate download.
Fragmentation is the root cause of many system problems, server slowdown being only one of them. Eliminating fragmentation is the key to increasing network performance. Diskeeper Lite was built with the same advanced defragmentation technology as Diskeeper 7.0 and can be used on Windows(R) 98 on up.
Find out what you're missing. Download Diskeeper Lite now. Free!
(brought to you by SQL Server Magazine and its partners)
SQL Server Magazine LIVE! will co-locate with Microsoft ASP.NET Connections and VS.NET Connections October 27-30. Three conferences for the price of one—over 160 sessions, of which 60 are SQL Server-specific. Save $2,990 when you register today. No other event offers you more quality sessions to choose from—an unbeatable value. Real-world technical tips and insights you don't want to miss. Hurry, offer ends October 4.
4. HOT RELEASE (ADVERTISEMENT)
Access over 70 sessions and save $1,595 when you register by Oct 4. Chock-full of "been there, done that" knowledge from people who use Microsoft products in the real world.
SQL Server 2000 Analysis Services is a powerful online analytical processing (OLAP) provider—but it doesn't include a client tool for querying, reporting, or analyzing data. That means you have to search through available third-party applications for a product that fits your business intelligence (BI) needs. To help you narrow your search, in "Client Tools for Analysis Services," the Aspirity OLAP team evaluates five applications in terms of different users' needs. You can also download files that will help you set up your own comparisons. This article appears in the October 2002 issue of SQL Server Magazine and is available online at
When BigJimSlade logs in to SQL Server through Windows NT, he receives the error message "Connection could not be established to \[his server\]—Driver not capable." BigJimSlade wants to know why he's receiving this message and whether he'll have better luck if he tries to connect through Enterprise Manager. Offer your advice and read other users' suggestions on the SQL Server Magazine forums at the following URL:
(contributed by Microsoft's SQL Server Development Team)
Q. In our development environment, everyone has the systems administrator (sa) password, and five groups use one database. Occasionally, developers accidentally delete data, and I have no way of determining who did what. How can I audit the workstation or login ID when a developer updates data in the database?
A. A. Because you're working in a development environment where SQL Server Profiler and server tracing are suitable for use (i.e., the potential performance impact doesn't affect production), you could set up a server trace to log information to a table in the background. Then, you could search this table to see who was deleting data. Obviously, assigning multiple users to the sa account at one time is problematic. Here are some courses of action you could follow:
Send your technical questions to email@example.com.
6. NEW AND IMPROVED
(contributed by Carolyn Mader, firstname.lastname@example.org)
Princeton Softech released Archive for Servers 5.0, software that helps you implement an archiving strategy so that you can quickly remove complete sets of rarely used data from your production databases. Archived data remains active so that end users can access data whenever they need to. Archive for Servers lets you manage, research, and browse archived data and selectively restore data completely and referentially intact. To improve database performance, Archive for Servers logically stores data. The software supports SQL Server. For pricing, contact Princeton Softech at 609-627-5500 or 800-457-7060.
e-dule Software released DB SynchroComp 2.0, a tool for SQL Server that compares and synchronizes two database schemas. The software generates scripts that will change the target database structure to match the source database structure. DB SynchroComp determines differences in functions and stored procedures by comparing the text of procedures. The software displays the results of database-schema comparison hierarchically with dependent objects displayed below their parent. DB SynchroComp supports SQL Server 2000 and 7.0. For pricing, contact e-dule Software at email@example.com
7. CONTACT US
Here's how to reach us with your comments and questions:
- ABOUT THE COMMENTARY — firstname.lastname@example.org
- ABOUT THE NEWSLETTER IN GENERAL — email@example.com
(please mention the newsletter name in the subject line)
- TECHNICAL QUESTIONS — http://www.sqlmag.com/forums
- PRODUCT NEWS — firstname.lastname@example.org
- QUESTIONS ABOUT YOUR SQL SERVER MAGAZINE UPDATE SUBSCRIPTION?
Customer Support — email@example.com
- WANT TO SPONSOR SQL SERVER MAGAZINE UPDATE?
More than 102,000 people read SQL Server Magazine UPDATE every week. Shouldn't they read your marketing message, too? To advertise in SQL Server Magazine UPDATE, contact Beatrice Stonebanks at firstname.lastname@example.org or 800-719-8718.
SQL Server Magazine UPDATE is brought to you by SQL Server
Magazine, the only magazine completely devoted to helping developers
and DBAs master new and emerging SQL Server technologies and issues.
Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.