Community

TSQL Tuesday #63 – How do you manage security

Posted by Jens Vestergaard on in Community, Programming, tsql2sday 3 Comments

 

TSQL Tuesday

This month’s T-SQL Tuesday is hosted by Kenneth Fisher (blog | twitter) and the topic is security.

Security is one of those subjects that most DBAs have to deal with regardless of specialty. So as something we all have to work with at some point or another what are some tips you’d like to share? What’s the best security design? You’ve picked up a legacy system and the security is awful, how do you fix it? Any great tools out there you’d like to share? Hate it or love it I’m betting we all have something to say.

As others in the community contribute in their own way, in their field of expertise, I’d like to chip in with some of my own observations and lessons learned through my years of working with Analysis Services (SSAS). Here goes my first #TSQL2SDAY blog post.

Having worked with the security model in SSAS and having presented on the topic a couple of times, this topic is really something I have had my hands on. I have previously posted several blog posts on the topic and this blog post will introduce a Microsoft Security Management Tool named Forefront Identity Manager (FIM) which is a  Tool that enables self-service identity management for business users. Yeah, you heard that right. So how does that fit in with cubes and SSAS?

In every SSAS database there is a Collection of roles. Each role can be assigned specific permissions in terms of cube access (r/w), drill-through, dimension and cell access. The magic link between the SSAS roles and FIM are Active Directory (AD) Groups. Each role can have one-to-many members, which can be specific (local) Users or Security Groups. Through FIM this allows the users provisioning and de-provisioning access through an semi-automated approach.

Personally, I haven’t even scratched the surface of FIM, but for the purpose of letting the business decide who gets access to what, and who doesn’t, it was well worth raising this flag. In the end, the business is happy to feel in control, and you are happy that the business is locked down to what options you expose through the cube. In the end, the mechanism of creating and managing the roles within the cubes, still reside on developer/administrative side, e.g. IT (and not Business).

If you don’t already know about Forefront Identity Manager I urge you to take a look at the capabilities. I bet you’ll be pleasantly surprised. 🙂

 

Campus Days 2014

Posted by Jens Vestergaard on in Community, Programming 0 Comment

Last Tuesday Campus Days was kicked off, but unfortunately I was not able to attend any sessions on Tuesday due to our youngest one teething (parents will understand). Wednesday I had my own session, right after Regis (b|l|t) and Kenneth (b|l|t) two slot session on HDInsight, Azure and Machine Learning. It’s always fun to be presenting in a movie Theater, as the screen simply doesn’t get much bigger – see Big Screen Selfie 🙂

20141126_133526047_iOS
Grumpy BI Dude

At my session on Power BI Visualization Wednesday there was a fairly good attendance – somewhere around 45 people turned up, and once we got started the questions began to trickled in. I guess a lot of the IT people at this diverse conference are currently thinking about Power BI, unfortunately not doing so much Power BI. It was rather clear that this audience wasn’t the usual BI gang that already knew most of the stuff, and I think I did accommodate for that in my presentation. The final score of 5.63 I am very happy with since it’s an improvement over last year. Next year will be even better, yeah? At least there is room for improvement

Thursday I attended two sessions, one on Microsoft Release Manager by Philip Haugaard MSFT, an old classmate of mine, and one on making the Business ready for mobile with Windows 8.1. The latter due to some requirements that has come up at Work, and I had hoped to get some answers in that session. One bonus info from the last session was about Project Sienna – a prototyping Tool by Microsoft I didn’t know about. Check it out here: http://apps.microsoft.com/windows/en-us/app/microsoft-project-siena/5ae47651-e8f3-4e41-aab7-e19ab1b80180

Campus Days Entrance
Campus Days Entrance

Socially the event was OK, but not great. Wednesday two movies were shown, Dumb & Dumber 2 and Codebreaker. I should have selected Codebreaker I guess. D&D2 was funny in some parts, but the story is really thin (thinner than expected). After the movies, the hall was converted into American 20’ies. Whiskey bar and several food stations, burger, crab cake, rib-eye and apple pie was served along with beers. A lot of buzz was going on, and I think the attendees were having a great time.

I really like the Campus Days event, mainly because of the diversity of the people attending. The sessions are just as diverse, and you can really tweak your learning by attending some sessions outside your own comfort zone – as a presenter you benefit as well, as you get to see IT-Pros outside your segment perform their sessions, that can be a good learning experience as well.

Hopefully Campus Days will be back next year, and hopefully I will get the opportunity to submit sessions and present again at this event.

Thanks for all the Fish!
Thanks for all the Fish!

Speaking at #SQLSatCambridge

Posted by Jens Vestergaard on in Community 4 Comments

Do you sometimes drift off, thinking/dreaming crazy scenarios, that you almost instantly know won’t ever become a reality?
I had one of those moments, when I spotted, that #SQLSatCambridge and the NFL game at Wembley between The Pittsburgh Steelers and Minnesota Vikings were scheduled only a day apart. Oh how I wished to be in England that particular weekend. I had a pretty strong feeling, that the wife back home wouldn’t be too happy to ship me of, on grounds of just the NFL game. She has every right to, on the account of our third child arrived in July. So I dared to submit two abstracts, one on Custom Assemblies which I presented at #SQLSatDenmark and one on Cube Security, which I have been working with intensively for the last couple of years. In my childish bliss, I drifted of on the thought of me being in Cambridge on Saturday, and at Wembley on Sunday. Double blast!

Imagine my reaction, when I recieved a mail from the Mark Broadbent (blog|twitter), stating that my abstract on cube security had been elected. The mail got in around midnight, and I had to re-read it several times, just to check I wasn’t making it up. 12 hours later, I replied and confirmed my availability to the event. Time to go Work the misses.

As my wife instantly recognized, how proud I was, to have been elected to speak at #SqlSatCambridge, she saw no reason to why I couldn’t stay an extra day and watch the game. She has been shaking her head for the last several years, when the NFL season begins and I claim the TV-set. She knows I’m a huge fan of football, as well as SQLServer 😉
Note to self: Go Large on wife’s Christmas gift

So sometimes the most outrageous, mind bending, far fetched ideas can become a reality. One of mine will, the last weekend in September this year.

Speaking at Campus Days Denmark 2013

Posted by Jens Vestergaard on in Community 0 Comment

Three days, more than 100 sessions, on 10 different tracks, Campus Days Denmark has become quite the act in town. I submitted three session abstracts. I was lucky and very delighted, that one of those got chosen. I will be presenting, in cooperation with my colleague Rasmus Reinholdt Nielsen (LinkedIn|Twitter), on the topic Optimizing BI with SQL Server 2014 in-memory database.

We will be showing how to optimize you BI solution through the use of the new SQL Server 2014 In-Memory database technology, called Hekaton. The first of two scenarios, will demonstrate how to performance optimize your ETL by using Hekaton as reference database. The second demo, will be building a ROLAP cube on top of Hekaton, to see what benefits can be achieved here.
See you there?