###BeginCaseStudy###
Case Study 4
A Datum
Overview
General Overview
A Datum Corporation has offices in Miami and Montreal.
The network contains a single Active Directory forest named adatum.com. The offices
connect to each other by using a WAN link that has a 5-ms latency.
A Datum standardizes its database platform by using SQL Server 2014 Standard edition.
Databases
Each office contains databases named Sales. Inventory, Customers, Products, Personnel, and Dev.
Servers and databases are managed by a team of database administrators. Currently, all of the
database administrators have the same level of permissions on all of the servers and all of the
databases.
The Customers database contains two tables named Customers and Classifications. The
following graphic shows the relevant portions of the tables:
The following table shows the current data in the Classifications table:
The Inventory database is used mainly for reports. The database is recreated every day. A full
backup of the database currently takes three hours to complete.
Stored Procedures
A stored procedure named USP_1 generates millions of rows of data for multiple reports.
USP_1 combines data from five different tables from the Sales and Customers databases in a
table named Table1.
After Table1 is created, the reporting process reads data from a table in the Products database
and searches for information in Table1 based on input from the Products table. After the
process is complete, Table1 is deleted.
A stored procedure named USP_2 is used to generate a product list. USP_2 takes several
minutes to run due to locks on the tables the procedure accesses.
A stored procedure named USP_3 is used to update prices. USP_3 is composed of several
UPDATE statements called in sequence from within a transaction. Currently, if one of the
UPDATE statements fails, the stored procedure continues to execute.
A stored procedure named USP_4 calls stored procedures in the Sales, Customers, and
Inventory databases. The nested stored procedures read tables from the Sales, Customers, and
Inventory databases. USP_4 uses an EXECUTE AS clause.
A stored procedure named USP_5 changes data in multiple databases. Security checks are
performed each time USP_5 accesses a database.
You suspect that the security checks are slowing down the performance of USP_5.
All stored procedures accessed by user applications call nested stored procedures. The nested
stored procedures are never called directly.
Design Requirements
Data Recovery
You must be able to recover data from the Inventory database if a storage failure occurs. You
have a Recovery Point Objective (RPO) of one hour.
You must be able to recover data from the Dev database if data is lost accidentally. You have
a Recovery Point Objective (RPO) of one day.
Classification Changes
You plan to change the way customers are classified. The new classifications will have four
levels based on the number of orders. Classifications may be removed or added in the future.
Management requests that historical data be maintained for the previous classifications.
Security
A group of junior database administrators must be able to view the server state of the SQL
Server instance that hosts the Sales database. The junior database administrators will not have
any other administrative rights.
A Datum wants to track which users run each stored procedure.
Storage
A Datum has limited storage. Whenever possible, all storage space should be minimized for
all databases and all backups.
Error Handling
There is currently no error handling code in any stored procedure. You plan to log errors in
called stored procedures and nested stored procedures. Nested stored procedures are never
called directly.
###EndCaseStudy###
You need to recommend a solution to minimize the amount of time it takes to execute USP_5.
What should you include in the recommendation?
A.
Enable cross-database chaining.
B.
Use a server role to group all logins.
C.
Use the EXECUTE AS clause in USP_5.
D.
Copy USP.5 to each database.
Explanation:
* scenario: A stored procedure named USP_5 changes data in multiple databases. Security
checks are performed each time USP_5 accesses a database.
* Cross-database ownership chaining occurs when a procedure in one database depends on
objects in another database. A cross-database ownership chain works in the same way as
ownership chaining within a single database, except that an unbroken ownership chain
requires that all the object owners are mapped to the same login account. If the source
object in the source database and the target objects in the target databases are owned by
the same login account, SQL Server does not check permissions on the target objects.
A is right
The Case Study [In Stored Procedures] says “… security checks are slowing down the performance of USP_5.”, if enable the cross-database chaining, and the same login is mapped in all databases (to the database user that is the owner of the object) that will be used to access, the SQL Server Engine will only perform security check on the login, so it would improve the execution of USP_5.
Enabling Cross-Database / Enabling Cross-database Ownership Chaining:
Cross-database ownership chaining occurs when a procedure in one database depends on objects in another database. A cross-database ownership chain works in the same way as ownership chaining within a single database, except that an unbroken ownership chain requires that all the object owners are mapped to the same login account. If the source object in the source database and the target objects in the target databases are owned by the same login account, SQL Server does not check permissions on the target objects.
Cross-database ownership chaining should only be enabled in environments where you can fully trust highly-privileged users.
https://msdn.microsoft.com/en-us/library/bb669059(v=vs.110).aspx