SlideShare a Scribd company logo

Securing SQL Server with TLS 1.2

Amit Banerjee
Amit Banerjee

Recent changes to security compliance is driving the initiative in various IT environments to disable all security protocols apart from TLS 1.2. This has wide ranging impact on SQL Server installations from startup failures to connectivity issues. In this session, we will talk about the changes available in SQL Server 2008 and above to support TLS 1.2 and the changes required on the server and SQL Server configuration to support TLS 1.2. All the script samples are available on GitHub at https://github.com/Microsoft/tigertoolbox/tree/master/tls1.2

Technology
1 of 22
PS C:Users> whoami Known on Twitter as @banerjeeamit An affair with SQL Server for nearly a decade Sr. Program Manager on the Microsoft SQL Server (TIGER) product team Speaker at SQL PASS 24HOP TechEd Virtual TechDays User Groups SQL Saturdays SQLBITS Co-authored “Pro SQL Server on Microsoft Azure” Co-authored “Professional SQL Server 2012: Internals and Troubleshooting” Own TroubleshootingSQL.com Also found on http://aka.ms/sqlserverteam 2 @mssqltiger
No known vulnerabilities have been reported for the Microsoft TDS implementation. This is the communication protocol that's used between SQL Server clients and the SQL Server database engine.
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server Tiger Team
SQL Server 2014 FCI or below Web servers • .NET Framework update to use TLS 1.2 with Database Mail • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server 2014 FCI or below Web servers • Apply the .NET updates • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server 2014 FCI or below Web servers • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
SQL Server Tiger Team The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable) KB3135244: SQL Server client updates have not been applied, namely .NET Framework updates are required so that older versions of ADO.NET can use TLS 1.2.
SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 56. KB3135244: Database engine needs to be updated to support TLS 1.2 communications for Service Broker, Database Mirroring and Availability Groups
SQL Server Tiger Team Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes. A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: Named Pipes Provider, error: 0 - No process is on the other end of the pipe.) KB3135769: Apply the necessary .NET fixes and run SQL Server setup again.
SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 58.' KB3137281: TLS 1.2 doesn't support MD5 as a signature hash algorithm. Switch to a non-MD5 signature hash for certificates that are used for SQL Server endpoint encryption.
SQL Server Tiger Team Agent Log: Microsoft.SqlServer.Management.SqlIMail.Server.Common.BaseException: Mail configuration information could not be read from the database. …. …. Unable to start mail session. KB3135244: .NET framework updates required to support TLS 1.2 for database mail need to be applied.
SQL Server Tiger Team Could not connect to server: A connection was successfully established to the server, but then an error occurred during the pre-login handshake Create the following registry key on the system that hosts the Reporting Services Configuration Manager: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHAN NELProtocolsTLS 1.2Client : REG_DWORD=Enabled, "Enabled"=dword:00000001
SQL Server Tiger Team
SQL Server Tiger Team https://github.com/amitmsft/MSSQLTIGERDemos http://spoke.at/TigerTLS https://blogs.msdn.microsoft.com/sqlreleaseservices/tls-1-2- support-for-sql-server-2008-2008-r2-2012-and-2014/ KB3135244
• Blog: • Aka.ms/sqlserverteam • www.troubleshootingsql.com • Twitter: • @banerjeeamit • @mssqltiger
Securing SQL Server with TLS 1.2

Recommended

Self-Signed SSL Versus Trusted CA Signed SSL Certificate
Self-Signed SSL Versus Trusted CA Signed SSL CertificateSelf-Signed SSL Versus Trusted CA Signed SSL Certificate
Self-Signed SSL Versus Trusted CA Signed SSL CertificateCheapSSLsecurity
 
The Data Distribution Service
The Data Distribution ServiceThe Data Distribution Service
The Data Distribution ServiceAngelo Corsaro
 
radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)rinnocente
 
Authorization Enterprise Design Pattern
Authorization Enterprise Design PatternAuthorization Enterprise Design Pattern
Authorization Enterprise Design PatternNick Bogden
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authenticationAlberto Rivai
 
Layer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallLayer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallCA API Management
 
Aruba clearpass ebook_chpt1_final
Aruba clearpass ebook_chpt1_finalAruba clearpass ebook_chpt1_final
Aruba clearpass ebook_chpt1_finalAruba, a Hewlett Packard Enterprise company
 

Recommended

Self-Signed SSL Versus Trusted CA Signed SSL Certificate
Self-Signed SSL Versus Trusted CA Signed SSL CertificateSelf-Signed SSL Versus Trusted CA Signed SSL Certificate
Self-Signed SSL Versus Trusted CA Signed SSL CertificateCheapSSLsecurity
 
The Data Distribution Service
The Data Distribution ServiceThe Data Distribution Service
The Data Distribution ServiceAngelo Corsaro
 
radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)radius dhcp dot1.x (802.1x)
radius dhcp dot1.x (802.1x)rinnocente
 
Authorization Enterprise Design Pattern
Authorization Enterprise Design PatternAuthorization Enterprise Design Pattern
Authorization Enterprise Design PatternNick Bogden
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authenticationAlberto Rivai
 
Layer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallLayer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallCA API Management
 
Aruba clearpass ebook_chpt1_final
Aruba clearpass ebook_chpt1_finalAruba clearpass ebook_chpt1_final
Aruba clearpass ebook_chpt1_finalAruba, a Hewlett Packard Enterprise company
 
Elasticsearch in Netflix
Elasticsearch in NetflixElasticsearch in Netflix
Elasticsearch in NetflixDanny Yuan
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarEnrico Olivelli
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
Ssl https
Ssl httpsSsl https
Ssl httpsAndrada Boldis
 
IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIndicThreads
 
MQTT
MQTTMQTT
MQTTHenri Cavalcante
 
SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?Phani Kumar
 
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTTHiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTTDominik Obermaier
 
Introduction to DDS
Introduction to DDSIntroduction to DDS
Introduction to DDSRick Warren
 
Tacacs
TacacsTacacs
Tacacs1 2d
 
protocolo HTTP.pptx
protocolo HTTP.pptxprotocolo HTTP.pptx
protocolo HTTP.pptxMARIOALFONSOBELTRANR
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access ManagementHitachi ID Systems, Inc.
 
What SD-WAN Means for Enterprise
What SD-WAN Means for EnterpriseWhat SD-WAN Means for Enterprise
What SD-WAN Means for EnterpriseToshal Dudhwala
 
SSO introduction
SSO introductionSSO introduction
SSO introductionAidy Tificate
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBACAjit Dadresa
 
Deep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyDeep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyIxia
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Ping Identity
 
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...sameh samir
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersTobias Koprowski
 

More Related Content

What's hot

Elasticsearch in Netflix
Elasticsearch in NetflixElasticsearch in Netflix
Elasticsearch in NetflixDanny Yuan
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarEnrico Olivelli
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIndicThreads
 
SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?Phani Kumar
 
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTTHiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTTDominik Obermaier
 
Introduction to DDS
Introduction to DDSIntroduction to DDS
Introduction to DDSRick Warren
 
Tacacs
TacacsTacacs
Tacacs1 2d
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access ManagementSam Bowne
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
 
What SD-WAN Means for Enterprise
What SD-WAN Means for EnterpriseWhat SD-WAN Means for Enterprise
What SD-WAN Means for EnterpriseToshal Dudhwala
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBACAjit Dadresa
 
Deep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyDeep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyIxia
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Ping Identity
 

What's hot (20)

Elasticsearch in Netflix
Elasticsearch in NetflixElasticsearch in Netflix
Elasticsearch in Netflix
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
 
Ssl https
Ssl httpsSsl https
Ssl https
 
IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreads
 
MQTT
MQTTMQTT
MQTT
 
SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?SD WAN VS MPLS – Which is better for your Business?
SD WAN VS MPLS – Which is better for your Business?
 
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTTHiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
HiveMQ Webinar: Lightweight and scalable IoT Messaging with MQTT
 
Introduction to DDS
Introduction to DDSIntroduction to DDS
Introduction to DDS
 
Tacacs
TacacsTacacs
Tacacs
 
protocolo HTTP.pptx
protocolo HTTP.pptxprotocolo HTTP.pptx
protocolo HTTP.pptx
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access Management
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
What SD-WAN Means for Enterprise
What SD-WAN Means for EnterpriseWhat SD-WAN Means for Enterprise
What SD-WAN Means for Enterprise
 
SSO introduction
SSO introductionSSO introduction
SSO introduction
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBAC
 
Deep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test MethodologyDeep Packet Inspection (DPI) Test Methodology
Deep Packet Inspection (DPI) Test Methodology
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
 

Similar to Securing SQL Server with TLS 1.2

MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...sameh samir
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersTobias Koprowski
 
6232 b 01
6232 b 016232 b 01
6232 b 01stamal
 
Microsoft SQL Azure - Developing And Deploying With SQL Azure Whitepaper
Microsoft SQL Azure - Developing And Deploying With SQL Azure WhitepaperMicrosoft SQL Azure - Developing And Deploying With SQL Azure Whitepaper
Microsoft SQL Azure - Developing And Deploying With SQL Azure WhitepaperMicrosoft Private Cloud
 
Midwest PHP Presentation - New MSQL Features
Midwest PHP Presentation - New MSQL FeaturesMidwest PHP Presentation - New MSQL Features
Midwest PHP Presentation - New MSQL FeaturesDave Stokes
 
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...LarryZaman
 
PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentationwebhostingguy
 
PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentationwebhostingguy
 
Confoo 2021 -- MySQL New Features
Confoo 2021 -- MySQL New FeaturesConfoo 2021 -- MySQL New Features
Confoo 2021 -- MySQL New FeaturesDave Stokes
 
Scylla Summit 2016: Scylla at Samsung SDS
Scylla Summit 2016: Scylla at Samsung SDSScylla Summit 2016: Scylla at Samsung SDS
Scylla Summit 2016: Scylla at Samsung SDSScyllaDB
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for SeacoastSithideth Banavong
 
Dealing with SQL Security from ADO.NET
Dealing with SQL Security from ADO.NETDealing with SQL Security from ADO.NET
Dealing with SQL Security from ADO.NETFernando G. Guerrero
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudTobias Koprowski
 
KoprowskiT_SQLSoton_WADBforbeginners
KoprowskiT_SQLSoton_WADBforbeginnersKoprowskiT_SQLSoton_WADBforbeginners
KoprowskiT_SQLSoton_WADBforbeginnersTobias Koprowski
 
SafePeak - How to configure SQL Server agent in a safepeak deployment
SafePeak - How to configure SQL Server agent in a safepeak deploymentSafePeak - How to configure SQL Server agent in a safepeak deployment
SafePeak - How to configure SQL Server agent in a safepeak deploymentVladi Vexler
 

Similar to Securing SQL Server with TLS 1.2 (20)

MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
MSF: Sync your Data On-Premises And To The Cloud - dotNetwork Gathering, Oct ...
 
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginnersSQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
SQLSaturday#290_Kiev_WindowsAzureDatabaseForBeginners
 
Sql Sever Presentation.pptx
Sql Sever Presentation.pptxSql Sever Presentation.pptx
Sql Sever Presentation.pptx
 
6232 b 01
6232 b 016232 b 01
6232 b 01
 
SQL Server Clustering Part1
SQL Server Clustering Part1SQL Server Clustering Part1
SQL Server Clustering Part1
 
Microsoft SQL Azure - Developing And Deploying With SQL Azure Whitepaper
Microsoft SQL Azure - Developing And Deploying With SQL Azure WhitepaperMicrosoft SQL Azure - Developing And Deploying With SQL Azure Whitepaper
Microsoft SQL Azure - Developing And Deploying With SQL Azure Whitepaper
 
Midwest PHP Presentation - New MSQL Features
Midwest PHP Presentation - New MSQL FeaturesMidwest PHP Presentation - New MSQL Features
Midwest PHP Presentation - New MSQL Features
 
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...
Business_Continuity_Planning_with_SQL_Server_HADR_options_TechEd_Bangalore_20...
 
Sql saturday oc 2019
Sql saturday oc 2019Sql saturday oc 2019
Sql saturday oc 2019
 
PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentation
 
PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentation
 
Servlets lecture1
Servlets lecture1Servlets lecture1
Servlets lecture1
 
Confoo 2021 -- MySQL New Features
Confoo 2021 -- MySQL New FeaturesConfoo 2021 -- MySQL New Features
Confoo 2021 -- MySQL New Features
 
Scylla Summit 2016: Scylla at Samsung SDS
Scylla Summit 2016: Scylla at Samsung SDSScylla Summit 2016: Scylla at Samsung SDS
Scylla Summit 2016: Scylla at Samsung SDS
 
802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast802.1x Implementation Plan for Seacoast
802.1x Implementation Plan for Seacoast
 
Andy Malone - The new office 365 for it pro's
Andy Malone - The new office 365 for it pro'sAndy Malone - The new office 365 for it pro's
Andy Malone - The new office 365 for it pro's
 
Dealing with SQL Security from ADO.NET
Dealing with SQL Security from ADO.NETDealing with SQL Security from ADO.NET
Dealing with SQL Security from ADO.NET
 
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloudKoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
KoprowskiT_SQLSat230_Rheinland_SQLAzure-fromPlantoBackuptoCloud
 
KoprowskiT_SQLSoton_WADBforbeginners
KoprowskiT_SQLSoton_WADBforbeginnersKoprowskiT_SQLSoton_WADBforbeginners
KoprowskiT_SQLSoton_WADBforbeginners
 
SafePeak - How to configure SQL Server agent in a safepeak deployment
SafePeak - How to configure SQL Server agent in a safepeak deploymentSafePeak - How to configure SQL Server agent in a safepeak deployment
SafePeak - How to configure SQL Server agent in a safepeak deployment
 

More from Amit Banerjee

The Roadmap for SQL Server 2019
The Roadmap for SQL Server 2019The Roadmap for SQL Server 2019
The Roadmap for SQL Server 2019Amit Banerjee
 
Azure database services for PostgreSQL and MySQL
Azure database services for PostgreSQL and MySQLAzure database services for PostgreSQL and MySQL
Azure database services for PostgreSQL and MySQLAmit Banerjee
 
Upgrade your SQL Server like a Ninja
Upgrade your SQL Server like a NinjaUpgrade your SQL Server like a Ninja
Upgrade your SQL Server like a NinjaAmit Banerjee
 
SQL PASS 2017 - Building one million predictions per second using SQL Server ...
SQL PASS 2017 - Building one million predictions per second using SQL Server ...SQL PASS 2017 - Building one million predictions per second using SQL Server ...
SQL PASS 2017 - Building one million predictions per second using SQL Server ...Amit Banerjee
 
Building 1 million predictions per second using SQL-R
Building 1 million predictions per second using SQL-RBuilding 1 million predictions per second using SQL-R
Building 1 million predictions per second using SQL-RAmit Banerjee
 
Troubleshooting common scenarios with Always On - A Dress Rehearsal
Troubleshooting common scenarios with Always On - A Dress RehearsalTroubleshooting common scenarios with Always On - A Dress Rehearsal
Troubleshooting common scenarios with Always On - A Dress RehearsalAmit Banerjee
 
Enhancements to High Availability, Disaster Recovery and Replication
Enhancements to High Availability, Disaster Recovery and ReplicationEnhancements to High Availability, Disaster Recovery and Replication
Enhancements to High Availability, Disaster Recovery and ReplicationAmit Banerjee
 
AlwaysOn Troubleshooting Improvements
AlwaysOn Troubleshooting ImprovementsAlwaysOn Troubleshooting Improvements
AlwaysOn Troubleshooting ImprovementsAmit Banerjee
 
Always On Availability Group Troubleshooting Ninja
Always On Availability Group Troubleshooting Ninja Always On Availability Group Troubleshooting Ninja
Always On Availability Group Troubleshooting Ninja Amit Banerjee
 
Debugging made easier with extended events
Debugging made easier with extended eventsDebugging made easier with extended events
Debugging made easier with extended eventsAmit Banerjee
 
You, SQL Server and PowerShell
You, SQL Server and PowerShellYou, SQL Server and PowerShell
You, SQL Server and PowerShellAmit Banerjee
 
SQL Saturday 511 - Troubleshooting made easier using extended events
SQL Saturday 511 - Troubleshooting made easier using extended eventsSQL Saturday 511 - Troubleshooting made easier using extended events
SQL Saturday 511 - Troubleshooting made easier using extended eventsAmit Banerjee
 
Slow query bring it on
Slow query bring it onSlow query bring it on
Slow query bring it onAmit Banerjee
 
Performance Demystified for SQL Server on Azure Virtual Machines
Performance Demystified for SQL Server on Azure Virtual MachinesPerformance Demystified for SQL Server on Azure Virtual Machines
Performance Demystified for SQL Server on Azure Virtual MachinesAmit Banerjee
 
Provisioning Azure Virtual Machines to run SQL Server
Provisioning Azure Virtual Machines to run SQL ServerProvisioning Azure Virtual Machines to run SQL Server
Provisioning Azure Virtual Machines to run SQL ServerAmit Banerjee
 
Backup enhancements with SQL Server 2014
Backup enhancements with SQL Server 2014Backup enhancements with SQL Server 2014
Backup enhancements with SQL Server 2014Amit Banerjee
 
Troubleshooting SQL Server using Power Pivot and Power View
Troubleshooting SQL Server using Power Pivot and Power ViewTroubleshooting SQL Server using Power Pivot and Power View
Troubleshooting SQL Server using Power Pivot and Power ViewAmit Banerjee
 
SQL Server Tips and Tricks - Power
SQL Server Tips and Tricks - PowerSQL Server Tips and Tricks - Power
SQL Server Tips and Tricks - PowerAmit Banerjee
 
SQL Server Scheduling Basics
SQL Server Scheduling BasicsSQL Server Scheduling Basics
SQL Server Scheduling BasicsAmit Banerjee
 
System health session
System health sessionSystem health session
System health sessionAmit Banerjee
 

More from Amit Banerjee (20)

The Roadmap for SQL Server 2019
The Roadmap for SQL Server 2019The Roadmap for SQL Server 2019
The Roadmap for SQL Server 2019
 
Azure database services for PostgreSQL and MySQL
Azure database services for PostgreSQL and MySQLAzure database services for PostgreSQL and MySQL
Azure database services for PostgreSQL and MySQL
 
Upgrade your SQL Server like a Ninja
Upgrade your SQL Server like a NinjaUpgrade your SQL Server like a Ninja
Upgrade your SQL Server like a Ninja
 
SQL PASS 2017 - Building one million predictions per second using SQL Server ...
SQL PASS 2017 - Building one million predictions per second using SQL Server ...SQL PASS 2017 - Building one million predictions per second using SQL Server ...
SQL PASS 2017 - Building one million predictions per second using SQL Server ...
 
Building 1 million predictions per second using SQL-R
Building 1 million predictions per second using SQL-RBuilding 1 million predictions per second using SQL-R
Building 1 million predictions per second using SQL-R
 
Troubleshooting common scenarios with Always On - A Dress Rehearsal
Troubleshooting common scenarios with Always On - A Dress RehearsalTroubleshooting common scenarios with Always On - A Dress Rehearsal
Troubleshooting common scenarios with Always On - A Dress Rehearsal
 
Enhancements to High Availability, Disaster Recovery and Replication
Enhancements to High Availability, Disaster Recovery and ReplicationEnhancements to High Availability, Disaster Recovery and Replication
Enhancements to High Availability, Disaster Recovery and Replication
 
AlwaysOn Troubleshooting Improvements
AlwaysOn Troubleshooting ImprovementsAlwaysOn Troubleshooting Improvements
AlwaysOn Troubleshooting Improvements
 
Always On Availability Group Troubleshooting Ninja
Always On Availability Group Troubleshooting Ninja Always On Availability Group Troubleshooting Ninja
Always On Availability Group Troubleshooting Ninja
 
Debugging made easier with extended events
Debugging made easier with extended eventsDebugging made easier with extended events
Debugging made easier with extended events
 
You, SQL Server and PowerShell
You, SQL Server and PowerShellYou, SQL Server and PowerShell
You, SQL Server and PowerShell
 
SQL Saturday 511 - Troubleshooting made easier using extended events
SQL Saturday 511 - Troubleshooting made easier using extended eventsSQL Saturday 511 - Troubleshooting made easier using extended events
SQL Saturday 511 - Troubleshooting made easier using extended events
 
Slow query bring it on
Slow query bring it onSlow query bring it on
Slow query bring it on
 
Performance Demystified for SQL Server on Azure Virtual Machines
Performance Demystified for SQL Server on Azure Virtual MachinesPerformance Demystified for SQL Server on Azure Virtual Machines
Performance Demystified for SQL Server on Azure Virtual Machines
 
Provisioning Azure Virtual Machines to run SQL Server
Provisioning Azure Virtual Machines to run SQL ServerProvisioning Azure Virtual Machines to run SQL Server
Provisioning Azure Virtual Machines to run SQL Server
 
Backup enhancements with SQL Server 2014
Backup enhancements with SQL Server 2014Backup enhancements with SQL Server 2014
Backup enhancements with SQL Server 2014
 
Troubleshooting SQL Server using Power Pivot and Power View
Troubleshooting SQL Server using Power Pivot and Power ViewTroubleshooting SQL Server using Power Pivot and Power View
Troubleshooting SQL Server using Power Pivot and Power View
 
SQL Server Tips and Tricks - Power
SQL Server Tips and Tricks - PowerSQL Server Tips and Tricks - Power
SQL Server Tips and Tricks - Power
 
SQL Server Scheduling Basics
SQL Server Scheduling BasicsSQL Server Scheduling Basics
SQL Server Scheduling Basics
 
System health session
System health sessionSystem health session
System health session
 

Recently uploaded

The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dashnarutouzumaki53779
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Recently uploaded (20)

The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dash
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

Securing SQL Server with TLS 1.2

  • 1.
  • 2. PS C:Users> whoami Known on Twitter as @banerjeeamit An affair with SQL Server for nearly a decade Sr. Program Manager on the Microsoft SQL Server (TIGER) product team Speaker at SQL PASS 24HOP TechEd Virtual TechDays User Groups SQL Saturdays SQLBITS Co-authored “Pro SQL Server on Microsoft Azure” Co-authored “Professional SQL Server 2012: Internals and Troubleshooting” Own TroubleshootingSQL.com Also found on http://aka.ms/sqlserverteam 2 @mssqltiger
  • 3. No known vulnerabilities have been reported for the Microsoft TDS implementation. This is the communication protocol that's used between SQL Server clients and the SQL Server database engine.
  • 6.
  • 7.
  • 10. SQL Server 2014 FCI or below Web servers • .NET Framework update to use TLS 1.2 with Database Mail • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 11. SQL Server 2014 FCI or below Web servers • Apply the .NET updates • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 12. SQL Server 2014 FCI or below Web servers • Applicable Client Side Components • SQL Server Native Client • ADO.NET (SqlClient) • Microsoft ODBC Driver for SQL Server • JDBC Driver
  • 13. SQL Server Tiger Team The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable) KB3135244: SQL Server client updates have not been applied, namely .NET Framework updates are required so that older versions of ADO.NET can use TLS 1.2.
  • 14. SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 56. KB3135244: Database engine needs to be updated to support TLS 1.2 communications for Service Broker, Database Mirroring and Availability Groups
  • 15. SQL Server Tiger Team Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes. A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: Named Pipes Provider, error: 0 - No process is on the other end of the pipe.) KB3135769: Apply the necessary .NET fixes and run SQL Server setup again.
  • 16. SQL Server Tiger Team Connection handshake failed. An OS call failed: (80090331) 0x80090331(The client and server cannot communicate, because they do not possess a common algorithm.). State 58.' KB3137281: TLS 1.2 doesn't support MD5 as a signature hash algorithm. Switch to a non-MD5 signature hash for certificates that are used for SQL Server endpoint encryption.
  • 17. SQL Server Tiger Team Agent Log: Microsoft.SqlServer.Management.SqlIMail.Server.Common.BaseException: Mail configuration information could not be read from the database. …. …. Unable to start mail session. KB3135244: .NET framework updates required to support TLS 1.2 for database mail need to be applied.
  • 18. SQL Server Tiger Team Could not connect to server: A connection was successfully established to the server, but then an error occurred during the pre-login handshake Create the following registry key on the system that hosts the Reporting Services Configuration Manager: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHAN NELProtocolsTLS 1.2Client : REG_DWORD=Enabled, "Enabled"=dword:00000001
  • 20. SQL Server Tiger Team https://github.com/amitmsft/MSSQLTIGERDemos http://spoke.at/TigerTLS https://blogs.msdn.microsoft.com/sqlreleaseservices/tls-1-2- support-for-sql-server-2008-2008-r2-2012-and-2014/ KB3135244
  • 21. • Blog: • Aka.ms/sqlserverteam • www.troubleshootingsql.com • Twitter: • @banerjeeamit • @mssqltiger