On SQL Server, is it possible to restrict certain users from using certain functions, operators or statements? Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Is it possible to restrict SQL Server DB_Owner when connecting using SQL Server Mgt Studio?How to prevent a trigger from running on certain statements?SQL Server 2012 Remote Access to Certain UsersCan I restrict an SQL account from system tables / functions?SQL Server hangs indefinitely on certain joinsAre SQL Server Reader-Reader Deadlocks Possible?Restrict access in SQL serverIs it Possible to Overload SQL Server Functions?Is this the right attitude from the DBA team?Setting Cardinality Estimator in SQL Server 2016 for performance & using old CE of SQL Server 2012

Why are both D and D# fitting into my E minor key?

Why aren't air breathing engines used as small first stages

Has negative voting ever been officially implemented in elections, or seriously proposed, or even studied?

Is "Reachable Object" really an NP-complete problem?

How to compare two different files line by line in unix?

Using et al. for a last / senior author rather than for a first author

How to down pick a chord with skipped strings?

Do square wave exist?

Crossing US/Canada Border for less than 24 hours

Trademark violation for app?

Why wasn't DOSKEY integrated with COMMAND.COM?

Extracting terms with certain heads in a function

What would be the ideal power source for a cybernetic eye?

Amount of permutations on an NxNxN Rubik's Cube

How do I make this wiring inside cabinet safer? (Pic)

Why didn't Eitri join the fight?

Quick way to create a symlink?

What causes the direction of lightning flashes?

Can a new player join a group only when a new campaign starts?

Do I really need recursive chmod to restrict access to a folder?

Generate an RGB colour grid

Did MS DOS itself ever use blinking text?

Do jazz musicians improvise on the parent scale in addition to the chord-scales?

Dating a Former Employee



On SQL Server, is it possible to restrict certain users from using certain functions, operators or statements?



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Is it possible to restrict SQL Server DB_Owner when connecting using SQL Server Mgt Studio?How to prevent a trigger from running on certain statements?SQL Server 2012 Remote Access to Certain UsersCan I restrict an SQL account from system tables / functions?SQL Server hangs indefinitely on certain joinsAre SQL Server Reader-Reader Deadlocks Possible?Restrict access in SQL serverIs it Possible to Overload SQL Server Functions?Is this the right attitude from the DBA team?Setting Cardinality Estimator in SQL Server 2016 for performance & using old CE of SQL Server 2012



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








6















we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.



We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.



Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?



I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.



We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.










share|improve this question









New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

    – Alen
    9 hours ago

















6















we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.



We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.



Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?



I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.



We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.










share|improve this question









New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

    – Alen
    9 hours ago













6












6








6








we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.



We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.



Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?



I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.



We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.










share|improve this question









New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.



We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.



Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?



I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.



We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.







sql-server query-performance execution-plan






share|improve this question









New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 9 hours ago









mustaccio

10.1k72240




10.1k72240






New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 11 hours ago









R. FerrazR. Ferraz

311




311




New contributor




R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

    – Alen
    9 hours ago

















  • have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

    – Alen
    9 hours ago
















have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

– Alen
9 hours ago





have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?

– Alen
9 hours ago










2 Answers
2






active

oldest

votes


















5














The answer by kevinsky is one path towards a solution for you.



A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.



There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.



A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On






share|improve this answer

























  • yes, if an extra server and database license is not an issue then this is the best solution

    – kevinsky
    9 hours ago











  • @Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

    – George.Palacios
    9 hours ago


















2














You can create views of the data they need and create a role that only allows select.



Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.



I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?






share|improve this answer

























  • Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

    – Michael Kutz
    9 hours ago











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "182"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f235044%2fon-sql-server-is-it-possible-to-restrict-certain-users-from-using-certain-funct%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









5














The answer by kevinsky is one path towards a solution for you.



A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.



There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.



A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On






share|improve this answer

























  • yes, if an extra server and database license is not an issue then this is the best solution

    – kevinsky
    9 hours ago











  • @Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

    – George.Palacios
    9 hours ago















5














The answer by kevinsky is one path towards a solution for you.



A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.



There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.



A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On






share|improve this answer

























  • yes, if an extra server and database license is not an issue then this is the best solution

    – kevinsky
    9 hours ago











  • @Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

    – George.Palacios
    9 hours ago













5












5








5







The answer by kevinsky is one path towards a solution for you.



A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.



There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.



A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On






share|improve this answer















The answer by kevinsky is one path towards a solution for you.



A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.



There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.



A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On







share|improve this answer














share|improve this answer



share|improve this answer








edited 8 hours ago

























answered 10 hours ago









James JenkinsJames Jenkins

2,26022045




2,26022045












  • yes, if an extra server and database license is not an issue then this is the best solution

    – kevinsky
    9 hours ago











  • @Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

    – George.Palacios
    9 hours ago

















  • yes, if an extra server and database license is not an issue then this is the best solution

    – kevinsky
    9 hours ago











  • @Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

    – George.Palacios
    9 hours ago
















yes, if an extra server and database license is not an issue then this is the best solution

– kevinsky
9 hours ago





yes, if an extra server and database license is not an issue then this is the best solution

– kevinsky
9 hours ago













@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

– George.Palacios
9 hours ago





@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.

– George.Palacios
9 hours ago













2














You can create views of the data they need and create a role that only allows select.



Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.



I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?






share|improve this answer

























  • Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

    – Michael Kutz
    9 hours ago















2














You can create views of the data they need and create a role that only allows select.



Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.



I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?






share|improve this answer

























  • Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

    – Michael Kutz
    9 hours ago













2












2








2







You can create views of the data they need and create a role that only allows select.



Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.



I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?






share|improve this answer















You can create views of the data they need and create a role that only allows select.



Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.



I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?







share|improve this answer














share|improve this answer



share|improve this answer








edited 9 hours ago

























answered 11 hours ago









kevinskykevinsky

3,0842044




3,0842044












  • Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

    – Michael Kutz
    9 hours ago

















  • Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

    – Michael Kutz
    9 hours ago
















Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

– Michael Kutz
9 hours ago





Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)

– Michael Kutz
9 hours ago










R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.












R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.











R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Database Administrators Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f235044%2fon-sql-server-is-it-possible-to-restrict-certain-users-from-using-certain-funct%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-execution-plan, query-performance, sql-server

Popular posts from this blog

Creating 100m^2 grid automatically using QGIS?Creating grid constrained within polygon in QGIS?Createing polygon layer from point data using QGIS?Creating vector grid using QGIS?Creating grid polygons from coordinates using R or PythonCreating grid from spatio temporal point data?Creating fields in attributes table using other layers using QGISCreate .shp vector grid in QGISQGIS Creating 4km point grid within polygonsCreate a vector grid over a raster layerVector Grid Creates just one grid

Word for a person who has no opinion about whether god existsWord for having a definite opinion while simultaneously withholding judgment?What's the opposite of “newcomer? Is ”veteran" OK?What do you call an “atheist” who might believe in an afterlife?What's a word for someone who wants to voice opinions but not have them challenged?Word for someone who dismisses contrary opinions as irrational?Somone who thinks they are overly special/out of the ordinaryIs there a word, phrase or idiom for “a person who is incapable of thinking about the future”?The belief that a god is human-likeA word for a non-famous person/thing you have heard a lot aboutAdjective for a person who enjoys taking care of their appearance

Can I redirect output to a log file and background a process at the same time?2019 Community Moderator ElectionUnable to write to file in shell script when running command in backgroundredirect and log script outputhow to properly log the output of a console program that frequently updates “parts” of the screen, resulting in a messy log file?How can I redirect the output of a child process?grep script - output lines at the same time into echoHow to run process in background and get its pid to create log file nameHow to redirect output to a log from expect commandHow to clear a redirect log file content in shell?Log background jobs started in all the manually started shells?Why do `jobs` and `dirs` run in command subsitution, process substitution, pipeline, and background jobs output the same as in original shell?How to redirect output to file to STDOUT?