-
Notifications
You must be signed in to change notification settings - Fork 10
Configure Policy Based Management
| Previous Configure Management Data Warehouse | Manual Configuration | Configure Generic Maintenance Processes Next |
|---|
Policy Based Management allows the configuration of SQL Server to be controlled by policies that can be audited and enforced.
A set of best-practice policies is provided by Microsoft, and these have been modified to provide the additional facilities for FineBuild. However, the Microsoft PBM framework is of limited usefulness with modern server builds, and many of the Policies that get installed may need to be switched off to avoid unnecessary alerts.
The Generic Maintenance Processes configuration relates to Process Id 5EE and is controlled by the parameters below:
| SQL Version | Parameter | FULL Build | WORKSTATION Build | CLIENT Build |
|---|---|---|---|---|
| SQL2019 | /SetupPBM: | Yes | Yes | N/A |
| SQL2017 | /SetupPBM: | Yes | Yes | N/A |
| SQL2016 | /SetupPBM: | Yes | Yes | N/A |
| SQL2014 | /SetupPBM: | Yes | Yes | N/A |
| SQL2012 | /SetupPBM: | Yes | Yes | N/A |
| SQL2008R2 | /SetupPBM: | Yes | Yes | N/A |
| SQL2008 | /SetupPBM: | Yes | Yes | N/A |
| SQL2005 | /SetupPBM: | Yes | Yes | N/A |
In order to maintain compatibility with older versions of SQL FineBuild, the parameter /ConfigPBM: can also be used.
The SQL FineBuild Policy Based Management install delivers the following:
- A clear naming standard to identify and separate Conditions, Restrictions, and Targets
- Most policies are installed as activated and scheduled for evaluation, rather than inactive
- Configuration of SQL Agent jobs to process the policies. The most sensitive policies are checked every 10 minutes, with the rest checked each midnight
- Additional configuration checks beyond those supplied by Microsoft
- Automatic purge of policy Evaluation History after 30 days
The following steps show what you would have to do for manual Configure Policy Based Management. FineBuild does all of this work for you automatically.
-
Extract all files from Build Scripts\FineBuildPBM.Cab into a temporary folder.
-
Run the FineBuildPBM script to install the PBM facets and policies. A single set of these routines is created for each SQL Server instance.
The following are installed:
- 60 Condition facets
- 13 Restriction facets
- 16 Target facets
- 58 Policies
- Schedules and jobs to process the policies
The job names created when a PBM policy is scheduled include the Schedule GUID as part of the job name. The FineBuild installation process for PBM renames these jobs to include the Schedule name instead of the GUID, to make it easier for the DBA to understand what work is being done
Copyright FineBuild Team © 2014 - 2020. License and Acknowledgements
| Previous Configure Management Data Warehouse | Top | Configure Generic Maintenance Processes Next |
|---|
Key SQL FineBuild Links:
SQL FineBuild supports:
- All SQL Server versions from SQL 2019 through to SQL 2005
- Clustered, Non-Clustered and Core implementations of server operating systems
- Availability and Distributed Availability Groups
- 64-bit and (where relevant) 32-bit versions of Windows
The following Windows versions are supported:
- Windows 2022
- Windows 11
- Windows 2019
- Windows 2016
- Windows 10
- Windows 2012 R2
- Windows 8.1
- Windows 2012
- Windows 8
- Windows 2008 R2
- Windows 7
- Windows 2008
- Windows Vista
- Windows 2003
- Windows XP