Posts

The SQL Server team has been working towards making databases more standalone, and less dependent on the server, for quite a while. SQL Server 2012 was the first version that had a concept of a contained database. The thinking was that you should be able to move databases around to different servers and, in that case, users would follow with the database because they didn’t have a dependency on logins, which was the case up until then.

2025-11-11

This second article in a two-part series shows you how to control the execution context of stored procedures. This time, it’s by using digital signatures and code signing.

During a recent consulting engagement, I noticed that the client needed to control the security context a stored procedure was running under but was using a convoluted method to do so. Changing the security context that stored procedures run under is a common requirement, letting users execute code via stored procedures that they aren’t allowed to execute directly.

2025-11-10

Lately, I’ve seen a number of people commenting that they think the Publish to Web options in Power BI aren’t secure. They are secure. You just need to use them appropriately.

The issue

When you publish to web with Power BI, all data in the semantic model that the user is allowed to see is visible, not just the data shown in the visual that’s on your report. There’s nothing to stop the user using DAX to get to it.

2025-11-09

I have been using Bunny Stream for hosting videos lately. I love those people. What a great service.

But I wanted to add a few videos to our SQL Down Under website that was a Hugo Azure Static Website. I added the embed code from the Bunny Stream site for the video, and what I found was:

• The videos appeared and played on desktop versions of Chrome or Edge
• The page appeared but no videos appeared when viewing the page from either Safari or Chrome on iOS

At first, I thought it might be a screen resolution thing, but it didn’t work on either an iPhone, or on an iPad that had the same resolution as my laptop where things did work.

2025-11-08

As soon as I started working with a recent version of SSMS, I realized that I didn’t like how heavy the grid lines were in the output:

I really wanted the data to be the focus, not the lines. They seemed much darker than on the previous versions. Note that this is a personal preference. I can imagine some people preferring them as they now are. Fortunately, though, you can now change the color of the lines. In Tools, Options, Fonts and Colors, in the Grid Output section, there is now an entry for Grid Results Lines.

2025-11-07

This is part 1 of a two-part series that shows you how to use the EXECUTE AS clause to change and control security context for stored procedures. Up next month will be digital signatures.

During a recent consulting engagement, I noticed that the client needed to control the security context that a stored procedure was running under but was using a convoluted method to do so. Changing the security context that stored procedures run under is a common requirement, letting users execute code via stored procedures that they aren’t allowed to execute directly.

2025-11-06

I posted a while back about being able to have random advertisements for our training courses in the sidebar for my blog. You’ll see one to the right of this post.

That has been working great, and every time I do a new build (each day), each page ends up with a random course advertisement.

Priorities

What I’ve now decided though, is that I didn’t want all the courses to show up with the same frequency. I wanted to assign a priority to each one, from 1 to 10.

2025-11-05

One of the bigger changes in recent versions of SSMS has been the inclusion of connection encryption details on the main connection page:

Previously, this was on another page of the logon dialog. Once you make the connection though, there previously was no indication of what type of encryption was used. Now that appears in the query status bar as a lock. When you hover over the lock, it shows you the type of encryption that had been selected.

2025-11-04

I was reading a Facebook post the other day, and it was talking about the sad tale of Keith Sapsford. Keith fell to his death from within the landing gear area of a DC-8 that was leaving Sydney, bound for Tokyo.

What was fascinating was that his fall was inadvertently captured by an amateur photographer named John Gilpin.

But why this fascinated me now, is that when I read all the comments about the post, the vast majority of the comments were saying that the photo was fake, that it was AI generated, and that this could not possibly have happened.

2025-11-03

Uniqueness can be implemented by primary keys, unique constraints and unique indexes. The use of primary keys is well understood but confusion exists about unique constraints and unique indexes.

This issue arose from a consulting engagement I was performing earlier in the month. During one of the architectural discussions I was having with the client, an interesting question was suddenly posed: When would you ever use a unique index?

After thinking about this for a moment, I suddenly realized that I almost never would use one and so I raised the topic on a technical discussion forum. An interesting discussion ensued and I’ve summarized the key thoughts in this article.

2025-11-02