![CH6-ADS.png](.\Media\CH6-ADS.png)

# <span style="color:#cc5500;">Database Maintenance Tips and Tricks</span>

This notebook is designed to help customers' operations and support teams understand the common operational requirements and needs of the SQL Server environment.  The topic of operational guidance is very broad; this notebook introduces concepts and provides references to more comprehensive materials, including extensive detail on the custom support needs found in US Public Sector and DoD environments responsible for DISA compliance with respect to the STIGs.  Running SQL Server in US PubSec has a unique set of operational support requirements compared to commercial environments.  SQL Server will perform best and provide the highest level of confidentiality, integrity, and availability (CIA) for organizations when maintenance is engineered, orchestrated, and performed on a regular and consistent basis.

  

SQL Server enables customers to build mission-critical applications and big data solutions using high-performance, in-memory technology across Online Transactional Processing (OLTP), Data Warehousing (DW), Business Intelligence and analytics workloads (BI), without having to buy expensive add-ons or high-end appliances.  SQL Server uses a common set of tools to deploy and manage databases both on-premises and in the cloud, which makes it easier for customers to take advantage of the cloud with existing skills.   

  

Operations is a broad, high-level topic that can be divided into seven main sections in this notebook:

1. Administration
2. High Availability
3. Patching and Updating
4. Monitoring
5. Performance
6. Security
7. Ports and Protocols
8. Additional Resources

  

Each area has unique concerns and a standard approach or method of handling operations and support throughout the DoD and US PubSec.  This guide is a combination of Microsoft recommended best practices for operations and support of SQL Server as well as US Public Sector Services recommendations for operations and support of SQL Server in the US Public Sector.  It is important to note that improper management of the unique operating environment and operational concerns in the US PubSec industry vertical can cause as many system outages (reducing Confidentiality, Integrity, and Availability \[CIA\]) as sound management can prevent.  This guide is a hybrid set of recommendations and references designed to increase CIA and help US PubSec SQL Server database administrators.

## <span style="color:#cc5500;">Administration</span>

The high-performance database engine in SQL Server has many self-tuning configuration options.  However, database administrators still must configure aspects, such as links to other servers in their organizations, and develop an effective database backup strategy.  Additionally, examples of common daily database administration tasks are:

- Verify all SQL Server instances are up
- Verify that all scheduled jobs have run successfully
- Verify success of database backups
- Monitor disk space
- Review database sizes and growth settings

These tasks could be a set of manual checks or automated checks reviewed daily.  Use the links and resources below to learn and understand how the above can be accomplished.  The following Microsoft SQL Server Books Online materials provide information that can help improve database system performance and protect organization data against hardware failure or natural disaster.
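
One way to automate the daily checks listed above is a set of T-SQL queries against `msdb` and the system catalog. This is an added example, not part of the original notebook; the 8-day and 2-hour backup windows (slack on a weekly full and hourly log schedule) and the 15 % free-space floor are assumptions to adjust.

```sql
-- Added example: daily checks run from a query window or an Agent job step.
-- The 8-day / 2-hour windows and the 15 % free-space floor are assumptions.

-- 1. Agent jobs that failed since yesterday (step_id 0 is the job outcome row).
SELECT j.name AS job_name, h.run_date, h.run_time, h.message
FROM msdb.dbo.sysjobs AS j
JOIN msdb.dbo.sysjobhistory AS h ON h.job_id = j.job_id
WHERE h.step_id = 0
  AND h.run_status = 0   -- 0 = failed
  AND h.run_date >= CONVERT(int, CONVERT(char(8), DATEADD(DAY, -1, GETDATE()), 112));

-- 2. Online databases with a stale full backup, or a stale log backup
--    when the recovery model is not SIMPLE. Copy-only backups are ignored.
SELECT d.name, d.recovery_model_desc,
       MAX(CASE WHEN b.type = 'D' THEN b.backup_finish_date END) AS last_full,
       MAX(CASE WHEN b.type = 'L' THEN b.backup_finish_date END) AS last_log
FROM sys.databases AS d
LEFT JOIN msdb.dbo.backupset AS b
       ON b.database_name = d.name AND b.is_copy_only = 0
WHERE d.name <> N'tempdb' AND d.state_desc = N'ONLINE'
GROUP BY d.name, d.recovery_model_desc
HAVING ISNULL(MAX(CASE WHEN b.type = 'D' THEN b.backup_finish_date END), '19000101')
         < DATEADD(DAY, -8, GETDATE())
    OR (d.recovery_model_desc <> N'SIMPLE'
        AND ISNULL(MAX(CASE WHEN b.type = 'L' THEN b.backup_finish_date END), '19000101')
              < DATEADD(HOUR, -2, GETDATE()));

-- 3. Volumes hosting database files with less than 15 % free space.
SELECT DISTINCT vs.volume_mount_point,
       vs.total_bytes / 1048576 AS total_mb,
       vs.available_bytes / 1048576 AS free_mb
FROM sys.master_files AS mf
CROSS APPLY sys.dm_os_volume_stats(mf.database_id, mf.file_id) AS vs
WHERE vs.available_bytes * 100 / vs.total_bytes < 15;

-- 4. Files using percent growth or unlimited size, for growth-setting review.
SELECT DB_NAME(mf.database_id) AS database_name, mf.name AS logical_name,
       mf.type_desc, mf.size / 128 AS size_mb,
       mf.is_percent_growth, mf.growth, mf.max_size   -- max_size -1 = unlimited
FROM sys.master_files AS mf
WHERE mf.is_percent_growth = 1 OR mf.max_size = -1;
```

An empty result from queries 1 to 3 is the healthy state, so each can back an alert that fires only when rows are returned.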

  

### <span style="color:rgb(0, 204, 153);">Configure Database Engine Instances (SQL Server)</span>

- [Configure Database Engine Instances (SQL Server) - SQL Server | Microsoft Docs](https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/configure-database-engine-instances-sql-server?view=sql-server-2017) describes how to configure the properties of an instance.  One can learn how to configure defaults, such as file locations and date formats, and how the instance uses operating system resources, such as memory or threads.
- Configuring the default file location for your databases will help ensure that database log and data files are created on the correct drive\\folder that supports your security posture via access control lists (ACLs).  Configuring the default file location also allows you to specify high-performance drives and enforce log and data file separation when database create statements are used without qualifying the data and log file locations.

### <span style="color:rgb(0, 204, 153);">The SQL Server Agent and Automating Administration Tasks</span>

- [Automated Administration Tasks (SQL Server Agent) - SQL Server Agent | Microsoft Docs](https://docs.microsoft.com/en-us/sql/ssms/agent/automated-administration-tasks-sql-server-agent?view=sql-server-2017) describes how Microsoft SQL Server allows you to automate administrative tasks using the SQL Server Agent.  To automate administration, you define predictable administrative tasks and then specify the conditions under which each task occurs.  Using automated administration to handle routine tasks and events frees your time to perform other administrative functions.

### <span style="color:rgb(0, 204, 153);">Managing Data Files, Size, and Growth Settings</span>


This page describes SQL Server data files and file group properties and behaviors.  Use this information and guidance to configure settings and database properties so as to limit risk to availability.

### <span style="color:rgb(0, 204, 153);">Collation and Unicode Support</span>


This page describes how to manage database engine collation.  Collations define the bit patterns used to represent characters and associated behaviors such as sorting, and case or accent sensitivity in comparison operations of CHAR and VARCHAR data types.

### <span style="color:rgb(0, 204, 153);">Linked Servers (Database Engine)</span>


This page describes how to configure linked server definitions.  These allow Transact-SQL statements to work with data that is stored in separate Object Linking and Embedding Database (OLE DB) sources.

### <span style="color:rgb(0, 204, 153);">Logon Triggers</span>


This page describes how to create a logon trigger that specifies actions that are to be taken after a logon attempt has been validated but before it starts working with resources in the instance.  Logon triggers support actions such as logging connection activity or restricting logons based on logic that complements credential authentication that is performed by Windows and SQL Server.

The SQL Server STIGs recommend limiting connections and concurrent users to support availability requirements and to limit the risk to availability from denial-of-service-like attacks.  Logon triggers can be used to limit access and concurrent connections to the system.
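
A logon trigger that caps concurrent sessions per login might look like the following. This is an added example, not part of the original notebook; the names `logon_trigger_exec`, `trg_limit_concurrent_sessions` and `CONTOSO\svc-sqlagent`, and the limit of 10, are assumptions.

```sql
-- Added example. Names, the limit of 10 and the exempt login are assumptions.
USE master;
GO
-- The trigger runs as this login so that sys.dm_exec_sessions returns every
-- session; without VIEW SERVER STATE a caller sees only its own session.
CREATE LOGIN logon_trigger_exec WITH PASSWORD = N'<placeholder: generate per policy>';
GRANT VIEW SERVER STATE TO logon_trigger_exec;
GO
CREATE TRIGGER trg_limit_concurrent_sessions
ON ALL SERVER WITH EXECUTE AS 'logon_trigger_exec'
FOR LOGON
AS
BEGIN
    -- ORIGINAL_LOGIN() is the connecting login, not the EXECUTE AS login.
    DECLARE @login sysname = ORIGINAL_LOGIN();

    -- Hypothetical service account that legitimately opens many sessions.
    IF @login = N'CONTOSO\svc-sqlagent' RETURN;

    IF (SELECT COUNT(*)
        FROM sys.dm_exec_sessions
        WHERE is_user_process = 1
          AND original_login_name = @login) > 10
        ROLLBACK;   -- rolling back inside a logon trigger refuses the connection
END;
GO
-- Confirm the trigger exists and is enabled.
SELECT name, is_disabled, create_date FROM sys.server_triggers;

-- Recovery if the trigger ever blocks all logons: connect over the dedicated
-- administrator connection (sqlcmd -A) as a sysadmin and run:
-- DISABLE TRIGGER trg_limit_concurrent_sessions ON ALL SERVER;
```

Because a faulty logon trigger can refuse every connection, test it on a non-production instance and keep the dedicated administrator connection available before enabling it.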

### <span style="color:rgb(0, 204, 153);">Manage the Database Engine Services</span>


This page describes how to manage the services associated with an instance of the database engine.  This includes managing actions, such as starting and stopping the service or configuring startup options.

Some best practices for configuring the database engine services include:

- Use a domain Service Account or a Group Managed Service Account (gMSA) for each service.
- Set SQL Server Agent to auto-start.
- Disable any unused service.
- Set recovery and retry settings for the service.
- Set alerts and notifications in the event the service has stopped or cannot start.

### <span style="color:rgb(0, 204, 153);">Server Network Configuration</span>


This page describes how to perform server network configuration tasks such as enabling protocols, modifying the port or pipe that is used by a protocol, configuring encryption, configuring the SQL Server Browser service, exposing or hiding the SQL Server Database Engine on the network, or registering the server principal name. 

### <span style="color:rgb(0, 204, 153);">Client Network Configuration</span>


This page describes how to perform client network tasks such as configuring client protocols or creating or deleting a server alias.  Please see the US PubSec Installation and Hardening Guides for recommendations for configuring the network library properties and settings.

### <span style="color:rgb(0, 204, 153);">Database Engine Scripting</span>


This page describes the SQL Server Management Studio (SSMS) editors that can be used to design, debug, and run Transact-SQL and other scripts.  It also describes how to code Windows PowerShell scripts to work with SQL Server components.  Below are some useful SSMS settings worth noting.

- Show line numbers: Tools \> Options \> Text Editor \> Transact-SQL \> General \> Line Numbers
- Ctrl+Shift+R: refreshes SSMS IntelliSense cache after creating new objects

### <span style="color:rgb(0, 204, 153);">Maintenance Plans</span>


This page describes how to use maintenance plans to specify a workflow of common administration tasks for an instance.  These workflows include tasks such as backing up databases and updating statistics to improve performance. Below is an example of a common maintenance routine.

### <span style="color:rgb(0, 204, 153);">Database Backups</span>


| Task | Schedule / action |
| --- | --- |
| Full | Perform weekly |
| Differential | Perform daily |
| Transaction Log | Perform hourly |
| Index Tuning | Rebuild or Reorganize as needed |
| Update Statistics | Perform Daily |
| **Miscellaneous** | |
| Database Ownership | Detect and change databases not owned by the renamed ‘sa’ account. |
| Cycle the Error Log | Perform Daily |
| TDE | Detect and configure TDE for databases where required |
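
The detection steps in the miscellaneous part of the routine above (database ownership, TDE status, error log cycling) can be scripted as follows. This is an added example, not part of the original notebook; it identifies the renamed 'sa' account by its fixed SID `0x01` and only generates the ownership fix statements without running them.

```sql
-- Added example. The renamed sa login keeps SID 0x01, so ownership is
-- compared by SID instead of by name.

-- 1. Databases not owned by sa, with the statement that would correct each one.
SELECT d.name AS database_name,
       SUSER_SNAME(d.owner_sid) AS current_owner,   -- NULL = orphaned owner SID
       N'ALTER AUTHORIZATION ON DATABASE::' + QUOTENAME(d.name)
         + N' TO ' + QUOTENAME(SUSER_SNAME(0x01)) + N';' AS fix_statement
FROM sys.databases AS d
WHERE d.owner_sid <> 0x01 OR d.owner_sid IS NULL;

-- 2. TDE status of user databases. encryption_state: 1 = unencrypted,
--    2 = encryption in progress, 3 = encrypted; NULL = no encryption key.
SELECT d.name AS database_name, d.is_encrypted,
       k.encryption_state, k.key_algorithm, k.key_length
FROM sys.databases AS d
LEFT JOIN sys.dm_database_encryption_keys AS k
       ON k.database_id = d.database_id
WHERE d.database_id > 4      -- skip master, tempdb, model, msdb
ORDER BY d.is_encrypted, d.name;

-- 3. Close the current error log and start a new one (daily job step).
EXEC sp_cycle_errorlog;
```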

### <span style="color:rgb(0, 204, 153);">Database Mail</span>


This page describes how database applications can use database mail to send email messages from the database engine.  It’s recommended to provide alerting and notification for certain critical system events, alarms, and failures.  Database Mail can be used for alerting and job success/failure notification.

### <span style="color:rgb(0, 204, 153);">Extended Events</span>


This page describes how to use SQL Server Extended Events, a lightweight, highly scalable system, to capture performance data that can be used to build performance baselines or diagnose performance problems.

### <span style="color:rgb(0, 204, 153);">SQL Trace</span>
 

This page describes how to use SQL Trace to build a customized system for capturing and recording events in the database engine.  Please note, SQL Trace is deprecated in favor of SQL Server Extended Events and SQL Server Auditing.

### <span style="color:rgb(0, 204, 153);">SQL Server Profiler</span>


This page describes how to use the SQL Server Profiler to capture traces of application requests coming in to an instance of the database engine.  These traces can later be replayed to help with activities such as performance testing or problem diagnosis.

### <span style="color:rgb(0, 204, 153);">Track Data Changes (SQL Server)</span>


This page describes how change data capture (CDC) and change tracking features enable applications to determine the DML changes (insert, update, and delete operations) that were made to user tables in a database. 

### <span style="color:rgb(0, 204, 153);">Database Engine Tuning Advisor</span>


This page describes how to use the Database Engine Tuning Advisor to analyze databases and make recommendations for addressing potential performance problems.

### <span style="color:rgb(0, 204, 153);">Remote Servers</span>


This page describes how to use the deprecated remote servers feature to enable access from one instance of the database engine to another.  The preferred mechanism for this functionality is a linked server.

### <span style="color:rgb(0, 204, 153);">Service Broker</span>


This page describes how Service Broker sends messages, queues applications, and provides pointers to its documentation.

### <span style="color:rgb(0, 204, 153);">Buffer Pool Extension File</span>


This page describes how the buffer pool extension can be used to provide seamless integration of nonvolatile, random-access storage on solid-state drives to the database engine buffer pool to improve input/output (I/O) throughput.

### <span style="color:rgb(0, 204, 153);">Live Query Statistics</span>


This page describes how Live Query Statistics can be used to view the live execution plan of an active query.  The live query plan provides real-time insights into the query execution process as the controls flow from one query plan operator to another. Because this data is available in real time without needing to wait for the query to complete, these execution statistics are extremely useful for debugging query performance issues.

### <span style="color:rgb(0, 204, 153);">Query Store</span>


This page describes how Query Store can be used to get insights on query plan choice and performance.  It simplifies performance troubleshooting by enabling you to quickly find performance differences caused by changes in query plans.  The feature automatically captures a history of queries, plans, and runtime statistics, and retains these for your review.  It separates data by time windows, allowing you to see database usage patterns and understand when query plan changes happened on the server.

### <span style="color:rgb(0, 204, 153);">Temporal Tables</span>


This page describes how to use Temporal Tables to keep a full history of data changes and allow easy point-in-time analysis.  Temporal Tables can be used for auditing data changes, reconstructing the state of data, calculating trends over time, maintaining a slowly changing dimension, and recovering data from accidental changes.

### <span style="color:rgb(0, 204, 153);">Automate Administration across the Enterprise</span>


This page outlines some tools, features, and techniques to automate administration across an enterprise.

### <span style="color:rgb(0, 204, 153);">Monitor and Respond to Events with the SQL Server Agent</span>


This page provides information on how SQL Server Agent can monitor and automatically respond to events, such as messages from SQL Server, specific performance conditions, and Windows Management Instrumentation (WMI) events.