On SQL Server, is it possible to restrict certain users from using certain functions, operators or statements? Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Is it possible to restrict SQL Server DB_Owner when connecting using SQL Server Mgt Studio?How to prevent a trigger from running on certain statements?SQL Server 2012 Remote Access to Certain UsersCan I restrict an SQL account from system tables / functions?SQL Server hangs indefinitely on certain joinsAre SQL Server Reader-Reader Deadlocks Possible?Restrict access in SQL serverIs it Possible to Overload SQL Server Functions?Is this the right attitude from the DBA team?Setting Cardinality Estimator in SQL Server 2016 for performance & using old CE of SQL Server 2012
Why are both D and D# fitting into my E minor key?
Why aren't air breathing engines used as small first stages
Has negative voting ever been officially implemented in elections, or seriously proposed, or even studied?
Is "Reachable Object" really an NP-complete problem?
How to compare two different files line by line in unix?
Using et al. for a last / senior author rather than for a first author
How to down pick a chord with skipped strings?
Do square wave exist?
Crossing US/Canada Border for less than 24 hours
Trademark violation for app?
Why wasn't DOSKEY integrated with COMMAND.COM?
Extracting terms with certain heads in a function
What would be the ideal power source for a cybernetic eye?
Amount of permutations on an NxNxN Rubik's Cube
How do I make this wiring inside cabinet safer? (Pic)
Why didn't Eitri join the fight?
Quick way to create a symlink?
What causes the direction of lightning flashes?
Can a new player join a group only when a new campaign starts?
Do I really need recursive chmod to restrict access to a folder?
Generate an RGB colour grid
Did MS DOS itself ever use blinking text?
Do jazz musicians improvise on the parent scale in addition to the chord-scales?
Dating a Former Employee
On SQL Server, is it possible to restrict certain users from using certain functions, operators or statements?
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Is it possible to restrict SQL Server DB_Owner when connecting using SQL Server Mgt Studio?How to prevent a trigger from running on certain statements?SQL Server 2012 Remote Access to Certain UsersCan I restrict an SQL account from system tables / functions?SQL Server hangs indefinitely on certain joinsAre SQL Server Reader-Reader Deadlocks Possible?Restrict access in SQL serverIs it Possible to Overload SQL Server Functions?Is this the right attitude from the DBA team?Setting Cardinality Estimator in SQL Server 2016 for performance & using old CE of SQL Server 2012
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.
We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.
Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?
I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.
We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.
sql-server query-performance execution-plan
edited 9 hours ago
mustaccio
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.
We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.
Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?
I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.
We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.
sql-server query-performance execution-plan
edited 9 hours ago
mustaccio
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago
add a comment |
we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.
We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.
Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?
I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.
We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.
sql-server query-performance execution-plan
edited 9 hours ago
mustaccio
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
we support a large number of developers and analysts who either do not know much or don't care at all about query performance. We have every day hundreds of poorly conceived queries (also due to poorly designed db architecture) that, each, suck away dozens of gigabytes of RAM from our servers and have execution plans in the range of megabytes stored in SQL cache.
We would like to restrict certain users from using SORTs and HASH MATCHes, specifically ORDER BY, SELECT DISTINCT and JOINs of any kind. Our intention is to let users pull their data, but work on it only on their side.
Could this be achieved in SQL Server?
Is there any DB engine that supports that?
What would be your thoughts about this?
I know this would beat the principle of a relational database, but we're looking for some way to enforce that the engine is properly used and not abused by uneducated users.
We are already considering the implementation of Resource Governor to allocate a certain amount of machine resources for these bad queries.
sql-server query-performance execution-plan
sql-server query-performance execution-plan
edited 9 hours ago
mustaccio
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
mustaccio
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 9 hours ago
mustaccio
10.1k72240
edited 9 hours ago
mustaccio
10.1k72240
edited 9 hours ago
mustaccio
10.1k72240
10.1k72240
asked 11 hours ago
R. FerrazR. Ferraz
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 11 hours ago
R. FerrazR. Ferraz
311
asked 11 hours ago
R. FerrazR. Ferraz
311
311
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
R. Ferraz is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago
add a comment |
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago
add a comment |
2 Answers
2
active
oldest
votes
The answer by kevinsky is one path towards a solution for you.
A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.
There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.
A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
add a comment |
You can create views of the data they need and create a role that only allows select.
Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.
I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?
answered 11 hours ago
kevinskykevinsky
3,0842044
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "182"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f235044%2fon-sql-server-is-it-possible-to-restrict-certain-users-from-using-certain-funct%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The answer by kevinsky is one path towards a solution for you.
A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.
There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.
A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
add a comment |
The answer by kevinsky is one path towards a solution for you.
A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.
There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.
A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
add a comment |
The answer by kevinsky is one path towards a solution for you.
A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.
There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.
A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
The answer by kevinsky is one path towards a solution for you.
A different path for your specific issue is to create a second reporting (and maybe a third dev) server(s). With copies of the production data. Your reporting people and development people can do all kinds of stupid, and not impact production.
There are multiple ways of achieving this, depending on how fresh your report/dev data needs to be.
A common solution is a nightly backup and restore to the secondary server. If you need really current data (like no lag or one second) look into SQL Server Always On
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
edited 8 hours ago
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
answered 10 hours ago
James JenkinsJames Jenkins
2,26022045
2,26022045
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
add a comment |
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
yes, if an extra server and database license is not an issue then this is the best solution
– kevinsky
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
@Kevinsky just use developer edition - no license needed for non-production usage. Unless of course it is production usage.
– George.Palacios
9 hours ago
add a comment |
You can create views of the data they need and create a role that only allows select.
Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.
I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?
answered 11 hours ago
kevinskykevinsky
3,0842044
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
add a comment |
You can create views of the data they need and create a role that only allows select.
Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.
I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?
answered 11 hours ago
kevinskykevinsky
3,0842044
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
add a comment |
You can create views of the data they need and create a role that only allows select.
Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.
I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?
answered 11 hours ago
kevinskykevinsky
3,0842044
You can create views of the data they need and create a role that only allows select.
Or you can create stored procedures that return a result set that can be any combination of tables accessed with a query that performs well.
I do not know of any way to restrict the use of basic commands in SQL short of some hacky database level trigger and suggest that if you have that many users who don't know how to write a good query then some education is a more effective way to do this. Lunch time sessions?
answered 11 hours ago
kevinskykevinsky
3,0842044
edited 9 hours ago
answered 11 hours ago
kevinskykevinsky
3,0842044
answered 11 hours ago
kevinskykevinsky
3,0842044
answered 11 hours ago
kevinskykevinsky
3,0842044
3,0842044
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
add a comment |
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
Having a DBA stop by their desk/cube in the middle of a long running SQL could help to focus the Lunch & Learn session. A quick discussion could help that person learn something (eg "you know, you really should add the partition keys to your WHERE clause"). It could also help the DBA to learn something too (eg that table really does need that index)
– Michael Kutz
9 hours ago
add a comment |
R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.
R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.
R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.
R. Ferraz is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Database Administrators Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f235044%2fon-sql-server-is-it-possible-to-restrict-certain-users-from-using-certain-funct%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
-execution-plan, query-performance, sql-server
have you tried to look at the queries being run and make sure there are indexes to support them and maybe change clustered index keys to improve performance?
– Alen
9 hours ago