Advertisements

Archive

Archive for the ‘Uncategorized’ Category

DACPAC – Could not deploy package, the database platform service with type Sql130DatabaseSchemaProvider is not valid


 
So, today while deploying a DACPAC file by using SqlPackage.exe utility I faced an error:

*** Could not deploy package
Internal error. The database platform service with type Microsoft.Data.Tools.Schema.Sql.Sql130DatabaseSchemaProvider is not valid. You must make sure the service is loaded, or you must provide the full type name of a valid database platform service.

For few minutes I was wondering why this error was coming, but when I saw the version number in above error message it became clear. The version number 130 highlighted above belongs to SQL Server 2016, and the database where I need to deploy DACPAC was SQL Server 2012. So, its clear that the DACPAC was built in Visual Studio with SQL Server 2016 setting.

So I went back to Visual Studio – Project Settings and changed the version to SQL Server 2012, and re-build the Project, and got the correct DACPAC file.


Advertisements
Categories: Uncategorized

SQL Error – Cannot connect to xyz_sql_instance, due to remote firewall issue


 
After creating a new Azure Windows Server VM with SQL Server installed, I was not able to connect it from my PC via SSMS. Everytime I tried to connect I was getting following error:

Cannot connect to xyz_sql_instance.
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provier, error: 40 – Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
The network path was not found


 

–> I checked online and found following command to enable the port, but it ran into error:

C:\windows\system32>netsh firewall set portopening TCP 1433 “SQLServer”

“… netsh firewall” is deprecated; use “netsh advfirewall firewall” instead.


 

–> So, lets execute the new netsh advfirewall firewall command and see what options it has:

C:\windows\system32>netsh advfirewall firewall /?

The following commands are available:

Commands in this context:
? – Displays a list of commands.
add – Adds a new inbound or outbound firewall rule.
delete – Deletes all matching firewall rules.
dump – Displays a configuration script.
help – Displays a list of commands.
set – Sets new values for properties of a existing rule.
show – Displays a specified firewall rule.

To view help for a command, type the command, followed by a space, and then type ?.

 

–> Now with above options we are clear that we have to add a new inbound firewall rule, so we will check how can we use the add option:

C:\windows\system32>netsh advfirewall firewall add /?

The following commands are available:

Commands in this context:
add rule – Adds a new inbound or outbound firewall rule.

 

–> Let’s apply the add rule option and see more options:

C:\windows\system32>netsh advfirewall firewall add rule /?

Usage: add rule name=
dir=in|out
action=allow|block|bypass
[program=]
[service=|any]
[description=]
[enable=yes|no (default=yes)]
[profile=public|private|domain|any[,…]]
[localip=any|||||]
[remoteip=any|localsubnet|dns|dhcp|wins|defaultgateway|
||||]
[localport=0-65535|[,…]|RPC|RPC-EPMap|IPHTTPS|any (default=any)]
[remoteport=0-65535|[,…]|any (default=any)]
[protocol=0-255|icmpv4|icmpv6|icmpv4:type,code|icmpv6:type,code|
tcp|udp|any (default=any)]
[interfacetype=wireless|lan|ras|any]
[rmtcomputergrp=]
[rmtusrgrp=]
[edge=yes|deferapp|deferuser|no (default=no)]
[security=authenticate|authenc|authdynenc|authnoencap|notrequired
(default=notrequired)]

Remarks:

– Add a new inbound or outbound rule to the firewall policy.
– Rule name should be unique and cannot be “all”.
– If a remote computer or user group is specified, security must be
authenticate, authenc, authdynenc, or authnoencap.
– Setting security to authdynenc allows systems to dynamically
negotiate the use of encryption for traffic that matches
a given Windows Firewall rule. Encryption is negotiated based on
existing connection security rule properties. This option
enables the ability of a machine to accept the first TCP
or UDP packet of an inbound IPsec connection as long as
it is secured, but not encrypted, using IPsec.
Once the first packet is processed, the server will
re-negotiate the connection and upgrade it so that
all subsequent communications are fully encrypted.
– If action=bypass, the remote computer group must be specified when dir=in.
– If service=any, the rule applies only to services.
– ICMP type or code can be “any”.
– Edge can only be specified for inbound rules.
– AuthEnc and authnoencap cannot be used together.
– Authdynenc is valid only when dir=in.
– When authnoencap is set, the security=authenticate option becomes an
optional parameter.

Examples:

Add an inbound rule with no encapsulation security for browser.exe:
netsh advfirewall firewall add rule name=”allow browser”
dir=in program=”c:\programfiles\browser\browser.exe”
security=authnoencap action=allow

Add an outbound rule for port 80:
netsh advfirewall firewall add rule name=”allow80″
protocol=TCP dir=out localport=80 action=block

Add an inbound rule requiring security and encryption
for TCP port 80 traffic:
netsh advfirewall firewall add rule
name=”Require Encryption for Inbound TCP/80″
protocol=TCP dir=in localport=80 security=authdynenc
action=allow

Add an inbound rule for browser.exe and require security
netsh advfirewall firewall add rule name=”allow browser”
dir=in program=”c:\program files\browser\browser.exe”
security=authenticate action=allow

Add an authenticated firewall bypass rule for group
acmedomain\scanners identified by a SDDL string:
netsh advfirewall firewall add rule name=”allow scanners”
dir=in rmtcomputergrp= action=bypass
security=authenticate

Add an outbound allow rule for local ports 5000-5010 for udp-
Add rule name=”Allow port range” dir=out protocol=udp localport=5000-5010 action=allow

 

–> OK, so this gives us more options and also samples at the end to construct our command. So we will us the above highlighted command to add port for our SQL Server, as shown below:

C:\windows\system32>netsh advfirewall firewall add rule name=”SQL Server Engine” protocol=TCP dir=in localport=1433 action=allow

C:\windows\system32>netsh advfirewall firewall add rule name=”SQL Server Browser” protocol=UDP dir=in localport=1434 action=allow
 

Now, I am able to connect remotely without any issues.


Categories: Uncategorized

SQL Error – The server may be running out of resources, or the assembly may not be trusted with PERMISSION_SET = EXTERNAL_ACCESS or UNSAFE


 
Today after setting up a new Database environment I ran into a small issue. While running a Stored Procedure I was getting following error:
 

Sql Severity : 16
Sql Message ID : 10314

Message
Executed as user: XYZdomain\XYZaccount. An error occurred in the Microsoft .NET Framework while trying to load assembly id 65536. The server may be running out of resources, or the assembly may not be trusted with PERMISSION_SET = EXTERNAL_ACCESS or UNSAFE. Run the query again, or check documentation to see how to solve the assembly trust issues. For more information about this error: System.IO.FileLoadException: Could not load file or assembly ‘XYZAssemblyName, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null’ or one of its dependencies. An error relating to security occurred. (Exception from HRESULT: 0x8013150A) System.IO.FileLoadException: at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) at System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean forIntrospection) at System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) at System.Reflection.Assembly.Load(String assemblyString) [SQLSTATE 42000] (Error 10314). The step failed.

 

I checked online and found that after restoring the Databases on DEV from PROD environment, the Stored Procedure that I was executing on DEV was CLR enabled thus it has the external_access or unsafe permission set from the database. And the login that was use to create the database on PROD was not same as in the instance of DEV DB. Thus it was not allowing to execute the CLR SP and resulting into error due to safety concerns.
 

Thus you can either use the Windows login or the SQL Server login which is common on both the environments (PROD & DEV, in my case), so:

1. First Enable Trustworthy database property

2. And change the database owner to ‘sa’

ALTER DATABASE [DatabaseName] SET TRUSTWORTHY ON;
GO

USE [DatabaseName]
GO

EXEC sp_changedbowner 'sa'
GO

 

This issue could also occur when you are Creating a new Assembly that has the external_access or unsafe permission set in the same database.

Server: Msg 10327, Level 14, State 1, Line 1
CREATE ASSEMBLY for assembly ‘XYZAssemblyName’ failed because assembly ‘XYZAssemblyName’ is not authorized for PERMISSION_SET = EXTERNAL_ACCESS. The assembly is authorized when either of the following is true: the database owner (DBO) has EXTERNAL ACCESS ASSEMBLY permission and the database has the TRUSTWORTHY database property on; or the assembly is signed with a certificate or an asymmetric key that has a corresponding login with EXTERNAL ACCESS ASSEMBLY permission.


A very Happy SQL-licious & SQL-s-tastic Valentines day to all of you !!!

February 14, 2016 2 comments

Wish you all a very happy Valentines day !

Here is a love Query for you all:

SELECT NCHAR(10084)

Execute it and share it with your valentine 😂
 

… and now a special SQL Joke on this day!

--// Valentines special SQL query: for Guys

Select * from [Earth] 
where [Girl] = 'Single' 
and [status] = 'Available';

-- (0 row(s) affected)




--// Valentines special SQL query: for Girls

Select * from [Earth] 
where [Boy]  = 'Single' 
and [status] = 'Available';

-- System.outOfMemory.exception 
-- Too many rows to handle

 

For more jokes on SQL check here.
 

Subscribe my YouTube channel for more updates on SQL.


Categories: Uncategorized Tags:

Start a Blog | Why, What, How, Where

August 5, 2014 Leave a comment

I started Blogging almost 5 years back (early 2009). That time I didn’t thought to blog publicly, but just created a blog site in Google’s Blogger.com to create and track a library of technical articles that I can access anywhere. Suddenly I started getting hits on my posts and people started asking questions and suggestions. Then I thought to give my blog a professional look and add some quality content.

I was quiet impressed with WordPress.com so moved my blog to this new hosting site and SQLwithManoj.wordpress.com came into life.

Last week I thought to port my blog to a dedicated Domain name, so I upgraded my account in WordPress only rather than going with other domain registering sites. Now the blog’s new address is SQLwithManoj.com, which is maintained by WordPress only.

Lot of people ask me about Blogging, like: how to start blogging, what platform they should use, what content they should put, domain name, space, themes, etc. Here through this blog post I’m trying to answer some of the FAQs.
 

–> Main points to consider:

1. What do I blog:
– Think on a topic or subject you are passionate about, where you have deep/sound knowledge and can write about it very frequently, like Technology (All, or any Particular like SQL, .net, Java, etc.), Photography, Travel, Fashion, Politics, etc.
– Some people also blog to promote their own business/products/companies, etc.
– Make sure the content you put is genuine and will help people in reality.

2. How do I setup my blog:
– You can start with any of the free Blog Hosting sites, like WordPress, Google’s Blogger, Tumblr, etc.
– Or can go with Paid options for these site or other Hosts like GoDaddy, where you will get your own custom URL (Domain name) with more control.

3. How frequent should I blog: Depends upon the Topic, Time and your Passion.
– If it is current affairs and/or trending stuff, then daily, but you should have ample time.
– If automobiles/movies or similar then you should be the first and best (or amongst them) to blog them whenever they are launched.
– If its Technology then it could be daily/weekly/monthly, but at least one/two blog(s) per month to keep your readers connected with you.

4. Some Do’s & Don’ts:
– Do not copy other people’s blog posts.
– You can write about same topics what others have already posted, but make sure to give your post a different title.
– Its Ok to take tips from other Blogs, but the content should be genuinely written by you and should make a difference when compared by others.
– Use Widgets to provide more information and ease of access to your users to navigate on your blog site.
– Use Themes to beautify your blog, and can tweak CSS to give it a different look.
– Don’t forget to put a Disclaimer on the blog so that you do not come under any issues.
– Associate your blog URL or site map with Search Engines, like Bing, Google, etc. for SEO, so that you get max traffic/hits.
– Use inbuilt or third-party Stat counter, Comments, PingBacks, Rating systems/widgets to know the influence & popularity of your blog.
– Popularize your blog with Social media like a Facebook Page, LinkedIn, Twitter, etc.
 

Let me know if you have any questions or need clarifications on these points.

Happy Blogging !!!