Solved

What is SQL Server, 2 page, 500 words

Posted on 2015-01-18
8
283 Views
Last Modified: 2015-01-19
I have a 2 page description of Working With Sql Server attached.

Could you please do some sanity check on its content. Please note that this is a high-level description and does not include all necessary details. All I want is to make sure it doesn't contain wrong statements.

Note: This is prepared for person with little programming skills and interest in the subject.
WorkingWithSqlServer.docx
0
Comment
Question by:Mike Eghtebas
8 Comments
 
LVL 22

Assisted Solution

by:Kelvin Sparks
Kelvin Sparks earned 100 total points
Comment Utility
Hello Mike

What you've written is a very basic introduction to setting up and interacting with SQL Server. Yes, you can have multiple instances of SQL server and as you say with different instance names.

SQL Server is a database engine - but it is a very complex one. In a nutshell, it stores and protects data. SSMS is a tool provided to interact with SQL Server - generally by administrators or application developers - NEVER by users. Not only does SQL Server store data, but it also devlivers differing views of that data (views) and allows interaction with the data using T-SQL (Transact SQL). This is using through stored procedures, functions and sql passed by user applications.

As you delve deeper into it, you find so many more layers of complexity, that it is almost an OS itself. Not only does it manage its data, but can interact with data and objects outside of its own databases.

I know you've come from an MS Access background (like me). If you take a secured access application, and image moving everything (including code modules) to SQL Server except the forms and reports (less their underlying code) then you're starting to see some of the range of things sql server does. One thing sql server has, that Access does not is its own scheduling system (SQL Agent). SQL Server - especially the later versions, can make very good use of PowerShell and there are PowerShell applets for SQL Server.

Hope this helps (although I suspect that this raises more questions than it answers.


Kelvin
0
 
LVL 45

Assisted Solution

by:Vitor Montalvão
Vitor Montalvão earned 100 total points
Comment Utility
You need to review the SQL Server Security section. Is nothing that wrote and the analogy with the restaurant is far to be accurate.

Windows authentication vs SQL Server authentication vs Mixed authentication doesn't have nothing to do with local or network installation.
0
 
LVL 24

Accepted Solution

by:
Bitsqueezer earned 150 total points
Comment Utility
Hi,

if you want to write a document about SQL Server for "person with little programming skills and interest in the subject" then the informations you provided are in my eyes partially not relevant and partially also wrong.

If you want to describe SQL Server the first thing would be to describe what a database server in general is, not how to install it or how many instances can be installed (even many developers never have installed an SQL Server by themselves or know about many possible instances of the server). On the other hand you do not even mention that one instance can manage multiple databases at the same time which is even more important (a big difference to Access which consists only of one database at a time).

"The instances are installed on the hard disk" - that's of course always the case with any program and offers no meaningful information. So if you want to tell something about the installation it would be more interesting to tell that a SQL Server can spread the files it uses for the databases over multiple ressources which can also be on different computers.

"and user interacts with them via SSMS" - of course not a user, only a developer, like Kelvin already said.

"The leading string before the instance name (USER-PC\SQLEXPRESS12) is the local computer name." - That's wrong, the leading string is not necessarily the local computer name but the name of the server which hosts the database engine (which also not necessarily hosts the database files). You can of course install SQL Server locally on your computer, but that's not the "normal" case, normally it is a server on the network.

I would also remove the analogy to the restaurant as this does not really work.

The security model is also wrong described. With all three authentication modes the sysadmin of the database server (and not the server admin, which has normally nothing to do with the database installed on it) needs to add a user as a database login user as first step, otherwise he cannot login to the server generally. These logins, which are created basically on the security area for the whole database server, then needs to be added (mapped) to the database(s) the user should work with. For example, adding a user "U1" as login user gives no permissions to the target database which should be used for an application. If you have "DB1" and "DB2" and "U1" should only use "DB1" you need to map him to "DB1".
That's also not all, next step is to add him to a role (standard is "public" only). All steps from here can also be done by a user which is added to the "db_owner" role so this is not necessarily be done by the sysadmin of the database server. The reason is that a sysadmin could for example be a database hoster service which offers databases for external developers, so he can give this external customer a db_owner right for a specific database (i.e."DB1" only) so he can work with everything about "DB1" but nothing else on the database server (of course also some permissions to standard databases like the temp database etc.).

So back to your doc:
"Windows Authentication:
SQL Server trusts user name and password used for Windows login." - no, a trust would be general and what you say is that it is enough to have a valid Windows login. That's wrong, the only advantage of a Windows login is that the user don't need to enter additional user/password information and that it is not sent over the network like with SQL Server login, but to access the server he needs of course to be added by a sysadmin as login for this server (otherwise a user in a domain but be able to login to any SQL Server on the whole company - would be very fatal).

"Local SQL Server Installation." - no, of course not. It's the same on local or remote server, the only thing which you perhaps got from a local installation is that you are admin on your computer (otherwise you would not be able to install SQL Server) and so you are automatically added as sysadmin for this server. Look into the "security" folder in the main root, you'll find your username as login for this database server.

"User may click on   and select an SQL Server instance to see and work with all databases in a SQL Server with almost no additional restrictions." - no, very, very wrong. That's also the case only in the above described scenario where you were added as sysadmin during installation. Any other user must be inserted as login user and exactly mapped to a database to work with it. Normally you would also not add a user directly but a domain group instead and insert the user there, then the group would be assigned to a role, makes the life with permission a lot easier.

The rest you described is also wrong, Mixed or SQL Server login modes have nothing to do with local or network installation, and also the server admin normally has nothing to do with the sysadmin (which is the highest privilege on SQL Server while the server admin has admin/domain admin rights on the Windows server itself, CAN of course be the same person, but intentionally and normally is not).

Additionally, a new installation of any SQL Server is cutted off from the network to allow secure configuration prior to first access from network. You need to enable the network protocols in the SQL Server Configuration Manager which is a separate tool and you also need to enable the remote access (since 2008 version) in the database instance itself.

So if you want to compare the security model with the real world, you may compare it to the security model of a company: You are blocked in the entry as guest or new employee and get no access to the buildings behind the fence (=no domain user). Next level is to get an access card to enter the ground (=added as domain user because you are a new employee of the company). But you cannot enter any building (database server/database). So you get additional permissions by the security of the company to enter a specific building where your workplace is, you cannot enter any other building (=added as login on the database server). You can now go to your workplace but you can't access the filing cabinet as you have no key for it. So the department lead (=sysadmin) or the cabinet owner (=db_owner/db_securityadmin) can give you a key (=add the login as database login). Now you can open the cabinet but you see further locks on any kind of object so you cannot see the contents of the cabinet (=you can open the database but you cannot access anything as long as you are only in the "public" role). One of the three others (sysadmin/db_owner/db_securityadmin) must give you access to each of these objects by assigning you to a role with specific rights (like "db_datareader" to see and open anything but not changing anything). All these steps are necessary in any case. Because you can have an access card of your company which you can hold before a card reader (=Windows Domain Login) to get the permissions the admins gave to you or you can enter some digits on a keyboard (=SQL Server user and login input) to get the same access.

Also this analogy is not perfect, but at least a lot better than the restaurant (you work with data which is available to anyone at the same time, getting food is made especially for you and nobody else will eat the same food at the same time which is physically not possible). There is also no quality difference between a simple user and a developer and a sysadmin: If they can access data, they all get the same data with the same comfort. Eating in a fast-food restaurant surely is something else then eating in the high level restaurant, even if both offers the same food.

Finally, as Kelvin said above, SQL Server is far more complex and cannot be reduced even to the database engine (which is a lot more complex than this). Think of other services like analysis services, notification services, reporting services, integration services, all components of one installation of SQL Server. So depending on what you want to achieve with this document this should all be mentioned and at least described in short.

Cheers,

Christian
0
 
LVL 50

Assisted Solution

by:Lowfatspread
Lowfatspread earned 75 total points
Comment Utility
"Note: This is prepared for person with little programming skills and interest in the subject."

I agree that the security section is very wrong.

There are only now 2 modes of authentication (2012/2014...) Windows and Mixed...

And all they do is specify how your users will be identified to the database engine so that object/procedure permissions can be validated...

My real point is I'm still not clear who/what your audience is intended to be...
Is it just a How to get to query analyzer and run some sql?
   or How to control user access to data ?

factsheet

or something else...
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 33

Author Comment

by:Mike Eghtebas
Comment Utility
Thanks to all,

Could my restaurant analogy be improved so I can keep it? It is good to draw links between what people already know and what they are struggling to learn.

Who are the users for this writing are:
- Myself to make sure I understand it.
- My college kid and friends.
- Number of my ex-project managers (now friends) who could really use some knowledge about SQL Server.
- All above who also need to use some basic T-SQL.

There are many good comments and I will improve the doc file using them.

Mike
0
 
LVL 35

Assisted Solution

by:David Todd
David Todd earned 75 total points
Comment Utility
Hi,

This might be out of scope, but I'd be tempted to describe the acronym acid to them, to show how complex the issue of storing data is, and what exactly the database does for them.

Are you specifically describing SQL? vs what? (Oracle/DB2/MySQL/etc) or client-server rdbms's in general? (not counting Access as while it is a rdbms, it isn't properly client-server ...)

Now what is the end-game? College kid is different to ex-project managers. Can one assume that project managers know about database servers? In what field were they project managing in? Surely IT project managers should have a fundamental grasp of what a client-server rdbms can do for them.

Regards
  David
0
 
LVL 35

Expert Comment

by:David Todd
Comment Utility
PS Are you selling SQL or your services to manage existing SQL instances, and install new ones?
0
 
LVL 33

Author Comment

by:Mike Eghtebas
Comment Utility
To All,

Thank you for great comments and corrections. I have reduce from 500 words down to 380 words while improving its content per your comments.

The revised version is at http://www.experts-exchange.com/Database/MS-SQL-Server/Q_28599879.html if you like to take another look at it.

Todd, I am preparing to get MTA 98-364. I should have moved away from MS Access longtime agao.

Mike
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now