I have started a new Azure SQL server instance with some firewall rules to limit the access. Everything seems fine at first. After setting the rules accordingly I can't connect to the server using SQL Server Management Studio, but when I run my application, that's executing stored procedures on the database, it does not block it even though I limited all access (removed all firewall rules).
How can this be? Why can my application access the db but not SSMS? What do I need to do to secure the db from IP's outside the firewall rules?
Thanks!
Related
How do I make connection to an AWS hosted database, and pull or query data into a local or Azure hosted SQL server DB? Can I be directed to the right place or resource?
Thanks.
There's nothing special about the fact that they're in AWS or Azure VMs. For this to work, you need TCP/IP connectivity from your client to the server, and you need port 1433 to not be blocked along the way.
The VM in AWS or Azure needs to have an externally visible IP address, or you need to be connecting via a VPN to the internal network of the cloud-hosted system. The operating system on that VM that's hosting SQL Server needs to have a firewall rule that allows port 1433 inbound.
Once you can do that, you can then just set up a Linked Server on your end, that refers to the SQL Server at the other end. That will allow you to query the tables on the server via 4 part names i.e. linkedservername.databasename.schemaname.tablename.
If you have SQL Server with the same collation at both ends, also ensure you set "collation compatible" on the linked server configuration. (It can make a huge performance difference)
Hey all I am in need of some help setting up TFS on my Azure windows server 2016 VM.
I think i have all my firewall rules set up but i'm not that sure if i do or not. I followed this site as an example.
However, I am not able to reach it outside of my server using my domain name like so:
http://mydomain.me:8080/tfs
I have also tested out my connecting outside of my server for my SQL 2017 and it seems i cannot connect to that either.
What am i missing in order for me to connect to both the SQL and TFS from outside the server?
Firmware rules are not enough to access TFS set up in Azure. The basic topology looks something like the illustration below:
In a virtual network, it establishes a new domain with two domain controllers and deploys a TFS server, a database, and a TFS agent. To access the virtual network, the pattern includes a jump box; another strategy would be to add a VPN gateway, but for simplicity we are going with the jump box.
You can check the blog below for more information:
https://blogs.msdn.microsoft.com/mihansen/2017/11/15/private-tfs-deployment-in-azure/
Or you could consider migrating to VSTS as #Daniel's mentioned.
I was going to process the cube deployment and found the error.
I changed the target server name from 'localhost' to this,and tried different way but in vain.
Here is the snap from my SSMS
You may have multiple issues going on but the first and foremost is you do NOT deploy SSAS Multidimensional [MDX] models to a SQL Database Engine Instance!
Unless you have a very odd configuration ATI-PC\MSSQLSERVER should point to the default MS SQL Server Database Engine Instance NOT an SSAS MDX instance!
The SSMS screen shot you show is for the local host connection you show is for a Database Engine with SQL Server Authentication (SA), which I would assume the instance is called MSSQLSERVER which is the default instance name.
1) What is your SSAS instance name?
2) Does your windows account have permissions? SSAS doesn't allow for SQL server authentication so it must be windows authentication.
3) Is SQL Browser running?
4) Have you configured SQL Browser to allow for the protocols and to allow connections from both Localhost and ATI-PC(InstanceName)?
to connect to Analysis Services Change the Server Type. When first launching SSMS you can do that via changing server type and then modifying the server name to the appropriate name.
If your SSMS is already open you can select "Connect" drop down and choose Analysis Services.
Check on your SQL Browser Configuration by Launching "SQL Server (Version) Configuration Manager" then step through the different areas as far as how to configure it is somewhat self explanatory and because you are deploying an AdeventureWorks cube I would surmise that the configuration would be earlier in you tutorial you are working on.
I am sure that you have 'SQL Browser' service running in services.msc. Still I doubt your account which you logged in has access to SSAS and also to connect to that underlying SQL Server. Try checking both for the access, if you selected deploy as service account check that account has access in SSAS. If still you have issues trying checking the eventvwr if you are getting any more errors. If it is development box try recycling SSAS services and try deploying?
The solution consists of an SQL Database and desktop application working hard with that DB. DB Deployed as Azure SQL Database, application running on Azure Virtual Machine with Windows Server onboard. What is the deployment guidelines for this two services in Azure? I want to achieve max performance. Should they both be located in same resource group?
You will need to get your app and the database located as close as possible so yes the same resource group.
Make sure you do not have Mars enabled (MultipleActiveResultSets in connection string).
Make sure you do use connection pooling.
Read this to understand what you are dealing with:
https://www.simple-talk.com/sql/learn-sql-server/improving-the-quality-of-sql-server-database-connections-in-the-cloud/
Ed
Currently our windows desktop applications run against a SQL Server instance that resides on our network. I'd like to remove the local instance and seamlessly assess the data from a remote SQL Server instance such as Azure. I could write a middle tier, such as WCF, but I'd rather not. It would be easiest just gain direct access to the SQL server. Can this be done?
Thanks.
Yes. - http://msdn.microsoft.com/en-us/library/windowsazure/ee336282.aspx
You'll need to ensure that the Azure SQL Database firewall rules are set up to allow traffic from your IP.
If you are running full SQL Server on a Windows Azure Virtual Machine you can open the port to the SQL Server. Be aware that you'd likely want to ACL the endpoints on a VM to restrict access to your IPs.
Remote SQL Server and Azure could be very different things.
First difference that you will found is the Connection String form. Azure SQL connection strings looks like:
Server=tcp:xxxxxxxx.database.windows.net;Database=xxxxxxxx;User ID=xxxxxxx#xxxxxxxxx;Password=xxxxxxxxxx;Trusted_Connection=False;Encrypt=True;