Columnstore Index Performance Improvements

We have a dimensional data mart running on SQL Server 2012. The larger fact tables vary between 7 and 17 billion rows. No fancy data types, no LOB data types, and all the join keys are ints. There were already well-tuned conventional covering indexes on the fact tables. Clustered indexes and column statistics are kept up to date. Non-clustered indexes are disabled and rebuilt with each daily data load. Queries always have some sort of date range in the WHERE clause. In implementing columnstore indexes, we experienced an average performance improvement of around 7:1. We were very happy, considering the level of tuning already in place.
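On SQL Server 2012 a columnstore index is nonclustered and makes the table read-only, which is why it fits the disable/rebuild pattern of our daily load. A minimal sketch of the idea (the table and column names here are hypothetical):

```sql
-- Hypothetical fact table; the columnstore index covers the columns
-- the reporting queries actually touch.
CREATE NONCLUSTERED COLUMNSTORE INDEX csi_FactLoan
ON dbo.FactLoan (DateKey, ClientKey, ProductKey, Balance, Payment);

-- The index makes dbo.FactLoan read-only, so disable it before the
-- daily load and rebuild it afterward:
ALTER INDEX csi_FactLoan ON dbo.FactLoan DISABLE;
-- ...daily data load runs here...
ALTER INDEX csi_FactLoan ON dbo.FactLoan REBUILD;
```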

We did find one query where the performance actually worsened when using a columnstore index. I dug into the query and found that it used a view that performed aggregations. It's the classic anti-pattern of aggregating in an intermediate result set without using a temp table: there is a later join against those aggregates, and the query optimizer cannot produce a good cardinality estimate for it. The view met a legitimate business requirement, so we created a regular table that materialized the view and added some code to load the new table as part of the nightly ETL process. After that we pointed the query at the new table and tested both conventional rowstore covering indexes and columnstore indexes. Again, about a 7:1 performance improvement between the two.

Partition-Level Lock Escalation

I ran into a situation at work where partition lock escalation solved a particular problem. A table with about 300 million rows has a primary key that contains something called a ProcID, or Process ID. The ProcID is tied to a monthly analytic unit of work for a specific client; more specifically, it identifies a client's loan portfolio reported on a monthly basis. Our clients' portfolios vary greatly in size, from roughly a hundred loans to several million. (Before I go any further, let me explain that this is part of a third-party application. I have no influence over the data model and will not discuss its shortcomings here.)

The clustered index includes the ProcID. Because analysts work on one portfolio, or ProcID, at a time, clustering on ProcID improves concurrency, except for the very largest client, where locks get escalated up to the table level. If an analyst was working on a portfolio for our largest client, other analysts were blocked from their tasks by table-level lock escalation.

To fix this problem I created a partition function that put our mega-client in one partition and everyone else in the other partition. After that I created an appropriate partition scheme and then enabled partition lock escalation. (See Paul Randal's excellent article here.) With partition lock escalation in place, concurrency has improved dramatically. If an analyst is working on our largest client's portfolio, other analysts can now work on their portfolios with no blocking. Because of our analysts' usage patterns, deadlocks are not a possibility.
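The setup looks roughly like this. All of the object names and boundary values below are hypothetical; with RANGE LEFT and two adjacent boundaries, the mega-client's key lands alone in the middle partition:

```sql
-- Isolate a hypothetical mega-client key of 5000 in its own partition:
-- partitions are <= 4999, exactly 5000, and > 5000.
CREATE PARTITION FUNCTION pf_ClientSplit (int)
AS RANGE LEFT FOR VALUES (4999, 5000);

CREATE PARTITION SCHEME ps_ClientSplit
AS PARTITION pf_ClientSplit ALL TO ([PRIMARY]);

-- After rebuilding the clustered index on ps_ClientSplit, let lock
-- escalation stop at the partition level instead of the table level:
ALTER TABLE dbo.LoanDetail SET (LOCK_ESCALATION = AUTO);
```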

Troubleshooting beyond the database

Users were seeing transient performance slowdowns every day between 15:00 and 16:00.  The slowdowns would typically last for 2-3 minutes and occur one or more times during this time window.  After looking at things on the SQL Server and database side, it was clear the problem was elsewhere.  In fact it was clear that the problem had to do with network congestion, but I needed documentation.

The first thing I did was use the Sysinternals PsPing utility and PowerShell to better define the scope of the problem. PsPing has some cool features, including the ability to ping over specific TCP ports, a corresponding server mode, and an optional histogram display. I won't bore you with the details here; go read about it if you're interested. PowerShell was used to iteratively run PsPing and redirect the output to a file. I also wrote a timestamp to the file with each iteration. PsPing and PowerShell clearly showed the dimensions of the problem as well as the times it occurred. The output showed multiple latencies in excess of 3,000 ms. The periods of high latency typically lasted between 1 and 10 seconds.
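The collection loop was along these lines (a sketch; the host name, port, and log path are hypothetical):

```powershell
# Run PsPing against the SQL Server TCP port once a minute,
# logging a timestamp with each iteration.
$log = "C:\temp\psping.log"
while ($true) {
    Get-Date -Format "yyyy-MM-dd HH:mm:ss" | Out-File -Append $log
    & psping.exe -n 20 sqlserver01:1433 | Out-File -Append $log
    Start-Sleep -Seconds 60
}
```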

I also used tracetcp and tracert to further isolate the problem.  Both utilities show latency by router hop.  High latency values started at the first MPLS router hop.

I needed to figure out what was driving the congestion, so I downloaded and installed a 30-day demo of a NetFlow analyzer. I configured the core router and switches to export NetFlow data to the PC running the NetFlow analyzer software. From there it was pretty easy to drill down and find the source of the problem. The image below shows what was happening: SMTP traffic was maxing out a 20 Mbit MPLS circuit. After querying a few users, I found the cause, a daily client mass-mailing. Pretty simple, really.

NetFlow capture


Powershell file mover

Here's a pretty simple script I wrote a while back. It moves files between two paths, for example, to sweep files from a DMZ server. It can optionally rename files on the target system by appending a date code to avoid name collisions. Pay close attention to $FileAge, which sets a lower limit on the age of files to copy, and $RenameDelay, which sets an upper limit on the age of files to rename in the destination path. Change the Copy-Item cmdlet to Move-Item before going to production.

Set-StrictMode -Version 2

$FileAge = 30      # age of files in minutes
$RenameDelay = 5   # delay value for renaming files
$Source = "\\server1\path1\"       # source folder
$Destination = "\\server2\path2\"  # destination folder

$Past = (Get-Date).AddMinutes($FileAge * -1)
$Past2 = (Get-Date).AddMinutes($RenameDelay * -1)

# first pass - move files from source to destination
$List = dir $Source -Recurse | Where-Object {$_.LastWriteTime -lt $Past -and $_.Name -notlike "someString*" -and $_.Name -notlike "SomeOtherString*"}
if ($List -ne $null) {
    Write-Host $List.Count "items found to move"
    foreach ($file in $List) {
        if ($file.PSIsContainer -eq $false) {
            $MoveDirectory = (Join-Path -Path $Destination -ChildPath $file.DirectoryName.Substring(14))
            New-Item -Path $MoveDirectory -Type Directory -ErrorAction:SilentlyContinue # create destination folder if it doesn't already exist
            $MovePath = (Join-Path -Path $Destination -ChildPath $file.FullName.Substring(15))
            Copy-Item -Path $file.FullName -Destination $MovePath -Force # move file to destination folder; change to Move-Item for production
        }
    }
}
else { Write-Host "no matching items found to move" }

# second pass - rename files in destination
$List = dir $Destination -Recurse | Where-Object {$_.CreationTime -gt $Past2 -and $_.PSIsContainer -eq $false -and $_.Name -notlike "SomeString*" -and $_.Name -notlike "SomeOtherString*"}
if ($List -ne $null) {
    Write-Host $List.Count "items found to rename"
    foreach ($file in $List) {
        Rename-Item -Force -Path $file.FullName -NewName ($file.BaseName + (Get-Date -Format '_yyyy-MM-dd_hhmm') + $file.Extension)
    }
}
else { Write-Host "no matching items found to rename" }

Set-StrictMode -Off

Deduplicating files with LogParser and SQL Server

Perhaps this should be categorized as a stupid people trick.  On the other hand, it’s a good, cheap way to deduplicate files assuming you’re running SQL Server and LogParser.  This post assumes at least a basic knowledge of T-SQL and LogParser command line syntax.

Basically, you use LogParser to create a two-column table containing file paths and MD5 hashes like this:

LogParser "SELECT Path, HASHMD5_FILE(Path) AS MD5 INTO T_FILE_INFO FROM D:\some_path\*.*" -i:FS -o:SQL -database:files -driver:"SQL Server" -createTable:ON

The -o parameter directs LogParser to write the output to a SQL Server database table.

The T-SQL ranking functions make it very easy to find and pick out duplicate rows. Instead of just finding duplicate rows, I use one to generate statements that delete the duplicate files. The entire script looks something like this:

USE [TempDB];

-- Create LogParser command
DECLARE @LogParserCMD varchar(1024);
SET @LogParserCMD = 'LogParser "SELECT Path, HASHMD5_FILE(Path) AS MD5 INTO T_FILE_INFO FROM ''E:\some_path\*.*''" -i:FS -recurse:1 -o:SQL -database:files -driver:"SQL Server" -createTable:ON';

-- Create table to store file paths and MD5 hashes
CREATE TABLE T_FILE_INFO (
    [PATH] [varchar](512) NULL,
    [MD5] [varchar](255) NULL
);

-- Run LogParser to populate the table.  Either run from a CMD prompt or use XP_CMDSHELL.
-- Note: this step can be time consuming, since LogParser must generate an MD5 hash for every file specified.
EXEC xp_cmdshell @LogParserCMD;

-- Get duplicate hashes; generate deletion commands
WITH tblCTE (MD5, PATH, Ranking) AS
(
    SELECT MD5, PATH, Ranking =
        ROW_NUMBER() OVER (PARTITION BY MD5 ORDER BY PATH)
    FROM T_FILE_INFO
)
SELECT 'DEL "' + PATH + '"'
FROM tblCTE
WHERE Ranking > 1;
-- Review the result set and run it from a command prompt

-- clean up after yourself
DROP TABLE T_FILE_INFO;

The final voyage of the USNS H. H. Hess

My first ship, the USNS H. H. Hess, is currently en route to Brownsville, TX, where it will be cut up into scrap metal and recycled. The Hess was an oceanographic survey vessel operated by the Military Sealift Command from roughly 1978 to 1992. The ship was originally built in 1965 as the SS Canada Mail, a C4 Mariner-class cargo ship operated by American Mail Lines. The ship was converted to its survey role in 1976.

In its time it was the world's largest floating data center, with all sorts of cool computers and electronic instrumentation. It performed bathymetric, magnetic field, and gravity surveys in support of the Navy's FBM program. The crew consisted of roughly 40 civilian mariners, 10 oceanographers, two commissioned naval officers, 18 enlisted Navy technicians, and several defense contractor representatives.

The ship was big, comfortable, and well-appointed. There were three dining rooms, two libraries, a conference room that doubled as a movie theater, nice staterooms, a workout room, a crew's lounge, and a large basketball court. My favorite parts of the ship were the electronics shop (I pretty much had it to myself and built my first Z80-based computer there) and the bow, which offered sun, fresh air, and quiet solitude: a great place to study and contemplate life.

The photo below is a webcam capture that shows the Hess entering the Gatun locks of the Panama Canal on 2/18/2011.


Free SQL Server training videos

The people over at have made their MCM training videos available online for free. They're pretty incredible. Subject areas include database internals and performance, high availability and disaster recovery, performance tuning, and security and development support. Link here:


There is also a plethora of wonderful videos over at  One of my favorites is a talk by Thomas Kejser on designing I/O systems for SQL Server.  has a collection of wonderful videos on advanced query tuning. The instructor provides live demos with runtime statistics to fully demonstrate his tuning techniques. Free and very worthwhile.

Alert for long-running SQL database backups

One of my daily tasks is to do a quick check of each SQL Server instance using Activity Monitor, sp_who2, or a DMV-based script. Sometimes I get busy and forget to do this task. Today I broke down and wrote a simple script that is executed by a SQL Agent job. It runs at 8:00 AM, goes out to all the instances, and checks whether any backups are still running; if any are, an e-mail alert is raised.

The essence of the script follows. You might want to modify it to iterate through a list of instances.

IF EXISTS (
    SELECT * FROM [instance].master.sys.sysprocesses
    WHERE cmd = 'BACKUP DATABASE'
    AND program_name = 'SQL Management')
EXEC msdb.dbo.sp_send_dbmail
    @profile_name = 'Master',
    @recipients = '',
    @body = 'Backup job is still running on instance',
    @subject = 'Backup job is still running on instance',
    @importance = 'high';

Learning SMO & Powershell

I created a small script to collect SQL Server file utilization data into a repository.  I’m collecting the space used by the files as well as the space used internally by SQL Server.  I’m doing this across all production databases and servers, so the T-SQL fileproperty function was not all that useful since it only works against the current database.  The solution was to use SMO in a PowerShell script to collect the data since it’s very easy to iterate across multiple servers and databases.  I’ll write up the solution at a later date, but for now I wanted to mention a minor fact that I learned today.

The SMO Database class has a Status property which returns at least two values, “Normal” and “Offline”.  You can use it to avoid trying to get info for offline databases.  For example:

if ($db.Status -eq "Normal") { # exclude offline databases
    # do something
}


SQL Generators for moving database files

Here are several trivial scripts for updating the system catalog, moving files via robocopy, and adjusting filegrowth values. I hope someone finds them useful.

-- generate system catalog changes
-- *** note: need to manually edit destination path volume letter in output ***
SELECT 'ALTER DATABASE ' + DB_NAME() + ' MODIFY FILE (NAME = '''
    + name + ''', FILENAME = '''
    + filename + ''')'
FROM dbo.sysfiles
-- WHERE filename LIKE 'i:\%'
-- ORDER BY size DESC

-- generate robocopy statements to be executed under a command prompt
-- *** note: need to manually edit destination path volume letter in output ***
SELECT 'RoboCopy ' +
LEFT(filename, (LEN(filename) - CHARINDEX('\', REVERSE(filename))) + 1) + ' ' +
LEFT(filename, (LEN(filename) - CHARINDEX('\', REVERSE(filename))) + 1) + ' ' +
RIGHT(filename, CHARINDEX('\', REVERSE(filename)) - 1)
FROM dbo.sysfiles

-- modify filegrowth
SELECT 'ALTER DATABASE ' + DB_NAME() + ' MODIFY FILE (NAME = '''
    + name + ''', FILEGROWTH = 128MB)'
FROM dbo.sysfiles

Index to Filegroup mapping

Here is a trivial script to show where a particular index resides. It saves clicking around the SSMS GUI.

SELECT OBJECT_NAME(i.object_id) AS [table_name], AS [index_name],
    i.type_desc, i.is_primary_key, i.is_unique, AS [Filegroup]
FROM sys.indexes i
INNER JOIN sys.data_spaces s
ON i.data_space_id = s.data_space_id
AND NOT IN ('clust', 'clst', 'nc1', 'nc2', 'nc3', 'nc', 'cl')
ORDER BY s.data_space_id,

PowerShell Script to Clean Up Old Files Based on Age

Here's an extremely concise PowerShell script to remove old files. You could use it to enforce a policy that keeps 90 days of ETL input files on a server; files older than that would be purged. The script would be invoked by a SQL Agent CmdExec job step or a Windows Task Scheduler job.

# PowerShell script to delete files older than a certain age

$intFileAge = 90             # age of files in days
$strFilePath = "c:\archive"  # path to clean up

# filter to exclude folders and files newer than the specified age
Filter Select-FileAge {
    param($days, $property)
    if ($_.PSIsContainer) {
        # exclude folders from the result set
    }
    elseif ($_.$property -lt (Get-Date).AddDays($days * -1)) {
        $_
    }
}

Get-ChildItem -Recurse $strFilePath | Select-FileAge $intFileAge 'CreationTime' | Remove-Item

Quick & Dirty way to identify orphan files

Here is a quick and dirty script to identify orphan database files – that is, files that are no longer in the system catalog. It uses several undocumented stored procedures and is not particularly clean SQL, but it works.

To do: come up with a version that uses LogParser to do the same thing.

FROM #temp

Trigger Mass Enable / Disable

Pretty trivial, really:

SELECT 'ALTER TABLE ' + OBJECT_NAME(parent_id) + ' ENABLE TRIGGER ' + [name]  -- swap ENABLE for DISABLE as needed
FROM sys.triggers

…add a where clause if needed.  Paste the output back into the query window and modify as needed.  You can also slap some code around it to generate some dynamic SQL like this:

DECLARE @SQL VARCHAR(MAX);
SET @SQL = '';
SELECT @SQL = @SQL + 'ALTER TABLE ' + OBJECT_NAME(parent_id) + ' ENABLE TRIGGER ' + [name] + '; '
FROM sys.triggers;
EXEC (@SQL);

Moving Master and Resource databases

You may encounter the error message "SQL SERVER is in SINGLE USER MODE and only one administrator can connect" when moving the master and resource databases following the procedure in BOL. It happens right after you bring up SQL Server in master-only, single-user mode using the T3608 trace flag.


For me the problem was that a remote process was grabbing the lone connection faster than I could. The fix was to go into SQL Server Configuration Manager, expand SQL Server Network Configuration, drill down into Protocols for MSSQLSERVER, and then change the TCP/IP settings to point to a different port number. In the example below, I pointed to port 14331 instead of 1433.


Once the port settings were changed, I stopped and restarted SQL Server and was able to finish moving the system databases. Don't forget to change back to port 1433 once you're done!


Quick and Dirty CSV import to SQL Server

You can use LogParser (a free, unsupported utility from Microsoft) to quickly import a CSV file into a SQL Server table using syntax like this:

logparser “SELECT * INTO MyTable FROM d:\MyFile.csv” -i:csv -o:SQL -server:MyServer -database:MyDatabase -createTable:ON

There are many other uses for LogParser.  Two of the most common are analyzing Windows Event Logs and IIS logs. 
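As an illustration of the event-log use case, here is one common pattern (a sketch; the query itself is hypothetical but the `-i:EVT` input and `-o:DATAGRID` output formats are standard LogParser features):

```
LogParser "SELECT SourceName, COUNT(*) AS Total FROM System GROUP BY SourceName ORDER BY Total DESC" -i:EVT -o:DATAGRID
```

This summarizes the System event log by source, most frequent first.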

Getting data file space usage

Here is a simple query to get space usage by data file:


SELECT AS [FILE_NAME],
    CONVERT(decimal(12,2), ROUND(a.size/128.000, 2)) AS [FILE_SIZE_MB],
    CONVERT(decimal(12,2), ROUND(FILEPROPERTY(, 'SpaceUsed')/128.000, 2)) AS [SPACE_USED_MB],
    CONVERT(decimal(12,2), ROUND((a.size - FILEPROPERTY(, 'SpaceUsed'))/128.000, 2)) AS [FREE_SPACE_MB]
FROM dbo.sysfiles a

Useful Multipliers

Multiply SQL database pages by 0.0078125 to get space in megabytes.
Multiply SQL database pages by 0.00000762939453125 to get space in gigabytes.

(These constants are just the 8 KB page size expressed in MB and GB: 8/1024 and 8/1,048,576.)

Here are a couple of examples of where this is useful:

This query uses a DMV to return TempDB utilization by object category such as user, internal, and version store:

SELECT
    SUM(user_object_reserved_page_count) * 0.0078125 AS usr_obj_mb,
    SUM(internal_object_reserved_page_count) * 0.0078125 AS internal_obj_mb,
    SUM(version_store_reserved_page_count) * 0.0078125 AS version_store_mb,
    SUM(unallocated_extent_page_count) * 0.0078125 AS freespace_mb,
    SUM(mixed_extent_page_count) * 0.0078125 AS mixedextent_mb
FROM sys.dm_db_file_space_usage

The next query returns space utilization, in megabytes, by file and then by filegroup:

SELECT name, filename, CAST(size * 0.0078125 AS int) AS size_mb
FROM sysfiles

SELECT groupid, SUM(CAST(size * 0.0078125 AS int)) AS size_mb
FROM sysfiles
GROUP BY groupid

One-off backups in SQL Server 2005

I am frequently asked to refresh development databases with production data.  The usual way to do this is to  back up the production database and then restore over the development database.  SQL Server 2005 has a new backup option, “WITH COPY_ONLY”.   This option allows you to perform a full backup without truncating the log and breaking the log chain.  The COPY_ONLY option is not supported in the SQL Server Management Studio (SSMS) GUI, so you have to perform the backup via a script.

It’s important to note that a backup that is created with the COPY_ONLY option cannot be restored with the SSMS GUI.  Instead you have to restore via a script.

SQL Server 2008 supports the COPY_ONLY option in the SSMS GUI.
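A sketch of the backup and restore pair via script (the database names, logical file names, and paths are hypothetical):

```sql
-- Full backup that does not disturb the backup chain
BACKUP DATABASE ProdDB
TO DISK = 'D:\backup\ProdDB_copy.bak'
WITH COPY_ONLY, INIT;

-- Restore over the development database
RESTORE DATABASE DevDB
FROM DISK = 'D:\backup\ProdDB_copy.bak'
WITH REPLACE,
    MOVE 'ProdDB_Data' TO 'E:\data\DevDB.mdf',
    MOVE 'ProdDB_Log'  TO 'F:\log\DevDB.ldf';
```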

Converting an existing Perfmon .BLG file to CSV

You may run across a situation where you need to import an existing Perfmon (or System Monitor) binary log file into an Excel spreadsheet or a SQL database. The obvious first step is to convert it to CSV format. It took googling numerous forums to figure out how to do this, so I thought I'd document it here for future reference.

The relog.exe utility, which ships with the OS, can convert between Perfmon log file formats and merge several log files into one. It has some nice filtering capabilities, including filtering by time, by counter, and by every nth record. Example syntax for simply converting between file formats:

relog -f csv inputfile.blg -o outputFile.csv

You can display all the options by simply typing relog -? at the command prompt.
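For example, the time and sampling filters look like this (a sketch; the file names and times are hypothetical, and the begin/end times use relog's M/d/yyyy HH:mm:ss form):

```
relog inputfile.blg -f csv -o outputFile.csv -b "06/01/2012 15:00:00" -e "06/01/2012 16:00:00" -t 5
```

This extracts the one-hour window and keeps every 5th sample, which is handy for trimming a large capture down to the period you care about.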

Dynamic SQL – must declare scalar variable

I ran into a situation today where I was generating dynamic SQL that appeared to be valid. I could take the generated SQL strings and execute them with no issues, but when they were executed dynamically, I got the error "Must declare the scalar variable "@someVar"", even though the variable in question was declared properly. I learned that the problem occurred because the variables were declared outside the scope of the dynamic SQL I was executing. I was pointed to the following article:  This article describes how to use input and output parameters with the sp_executesql stored procedure. Another good article on dynamic SQL parameters can be found on the Simple-Talk web site here.
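The fix is to pass the variable into the dynamic batch as a parameter via sp_executesql. A minimal sketch (the table and variable names here are made up):

```sql
DECLARE @someVar int;
SET @someVar = 42;

DECLARE @sql nvarchar(max);
SET @sql = N'SELECT * FROM dbo.SomeTable WHERE id = @id';

-- @id is visible inside the dynamic batch because it is declared
-- in the parameter-definition string:
EXEC sp_executesql @sql, N'@id int', @id = @someVar;
```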

SQL Server “Max Server Memory” Config Value

I learned an interesting tidbit while reading Inside Microsoft SQL Server 2005: Query Tuning and Optimization. The Max Server Memory configuration value applies to the buffer pool and not to SQL Server as a whole. Here is a link to an MSDN article that explains it:

The book goes on to discuss how to detect, measure, and remedy various forms of memory pressure. I followed some of the examples in the book and came up with these statistics on one server:


One thing that is kind of interesting about these statistics is that they clearly show the configured server memory is significantly less than the memory used by sqlserver.exe.

Shrinking all log files

I’m not a big proponent of shrinking files. There are a lot of postings on DBA forums citing why this practice should be avoided. However we have a development server with a lot of databases, and the log files need to be shrunk on a pretty regular basis.

I wrote a little query to dynamically build the list of databases and logical filenames and then run DBCC SHRINKFILE to shrink all the log files. Here’s the script:

SET NOCOUNT ON;

DECLARE @DBName VARCHAR(256), @SQL VARCHAR(MAX);

CREATE TABLE #tempFileInfo
(
  dbName VARCHAR(256),
  logicalName VARCHAR(256)
);

DECLARE dbCursor CURSOR FOR
SELECT [name] FROM sys.databases WHERE database_id > 4 AND state_desc = 'ONLINE';

OPEN dbCursor;
FETCH NEXT FROM dbCursor INTO @DBName;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @DBName = '[' + @DBName + ']';
    SET @SQL = 'select ' + CHAR(39) + @DBName + CHAR(39) + ', [name] from ' + @DBName + '.sys.sysfiles WHERE filename LIKE ' + CHAR(39) + '%ldf' + CHAR(39);
    --print @SQL
    INSERT INTO #tempFileInfo
    EXEC (@SQL);
    FETCH NEXT FROM dbCursor INTO @DBName;
END
CLOSE dbCursor;
DEALLOCATE dbCursor;

SET @SQL = '';
SELECT @SQL = COALESCE(@SQL, '') + 'USE ' + dbName + ' DBCC SHRINKFILE(' + CHAR(39) + logicalName + CHAR(39) + ', 1); '
FROM #tempFileInfo;

EXEC (@SQL);

DROP TABLE #tempFileInfo;

How to determine if TCP Chimney Offloading is working

The TCP Chimney Offload feature was introduced in Windows Server 2003 SP2. It can offload certain functions from the OS to the network adapter. A lot of our newer HP servers have a Broadcom Ethernet chipset that supports this function. It isn't without its issues. To determine whether it is in use, you can run the netstat -nt command like this:

C:\>netstat -nt

 Active Connections

   Proto  Local Address          Foreign Address        State           Offload State
  TCP       ESTABLISHED     InHost
  TCP       ESTABLISHED     InHost
  TCP       ESTABLISHED     InHost

The last column shows the offload status.  In this example the offload state is shown as InHost for all connections, so TCP offload is not enabled.

The Good Books

I used several books to study for the ICCP DBA exam including:

  • Modern Database Management, 8th Edition by Hoffer, Prescott and McFadden
  • Database Systems: Design, Implementation & Management 6th Edition by Rob and Coronel
  • Database Administration: The Complete Guide to Practices and Procedures by Craig S. Mullins
  • An Introduction to Database Systems, 5th Edition, by C.J. Date

Of these, Modern Database Management was my favorite. Chapter 6 covers physical database design and performance, and it includes a section with guidelines for improving query performance. Here are a few of the recommendations:

  • Use compatible data types, i.e., avoid type conversions
  • Write simple queries
  • Break complex queries into multiple, simple parts
  • Don’t nest one query inside another (just because you can use a subquery doesn’t always mean that you should)
  • Don’t combine a table with itself, i.e. avoid self-joins.
  • Create temporary tables for groups of queries.

Remote Reboot

Today while applying patches to a couple of mission-critical servers, I was reminded of something:  reboots issued through the terminal services client are not always successful.  The server can get stuck in an odd state where it is running but terminal services is not working.  For me the workaround has been to issue a remote reboot command using the shutdown utility:

shutdown /r  /m \\server_name_to_reboot /t 0  /f

Ongoing Lessons from the Cluster Lab

It's been a while since I worked on my cluster lab. The first thing I did was tear down the old cluster and start over from scratch. The first lesson from this round of testing came when the cluster administrator scanned the hardware resources and threw a warning stating that only one network adapter was found on the node. This warning is caused by the fact that the two cluster nodes are interconnected via a crossover cable and the second node was shut down. With that node down, there is no physical-layer link on the Ethernet card, so the OS thinks the cable is disconnected.

I got past the error by simply plugging the cluster member's private network connection into a spare switch I had lying around. This provided the physical-layer link the OS needed to report a valid network connection. After that I rescanned the resources and the cluster installation proceeded.

Getting HH:MM:SS value from Seconds

Here is another handy date manipulation function. This one converts a number of seconds, expressed as an int, into HH:MM:SS format:

DECLARE @seconds INT;
SET @seconds = 5000;
SELECT CASE WHEN @seconds/3600 < 10 THEN '0' ELSE '' END
    + RTRIM(@seconds/3600)
    + ':' + RIGHT('0' + RTRIM((@seconds % 3600) / 60), 2)
    + ':' + RIGHT('0' + RTRIM((@seconds % 3600) % 60), 2)

Rewritten as a function, we have:

-- Function name is illustrative
CREATE FUNCTION dbo.fn_SecondsToHHMMSS
(
    -- Add the parameters for the function here
    @seconds INT
)
RETURNS VARCHAR(20)
AS
BEGIN
    RETURN CASE WHEN @seconds/3600 < 10 THEN '0' ELSE '' END
        + RTRIM(@seconds/3600)
        + ':' + RIGHT('0' + RTRIM((@seconds % 3600) / 60), 2)
        + ':' + RIGHT('0' + RTRIM((@seconds % 3600) % 60), 2);
END

Stripping the time component from a datetime value

Here is a very simple and elegant way to strip the time component from a datetime value:

CAST(FLOOR(CAST(@date AS float)) AS datetime)

Written as a function:

-- Function name is illustrative
CREATE FUNCTION dbo.fn_StripTime
(
    -- Add the parameters for the function here
    @date datetime
)
RETURNS datetime
AS
BEGIN
    RETURN CAST(FLOOR(CAST(@date AS float)) AS datetime);
END

When we pass in the value '2008-02-12 13:25:33.3', it returns 2008-02-12 00:00:00.000.

Other ways of stripping the time component:

SELECT DATEADD(dd, DATEDIFF(dd, 0, backup_start_date), 0)

or

SELECT CAST(DATEDIFF(dd, 0, backup_start_date) AS datetime)

or

SELECT CONVERT(datetime, CONVERT(NCHAR(10), backup_start_date, 121))

The CONVERT-based approach has performance issues; I'll have to come up with numbers for all of these.

The IIS Metabase Explorer Rocks

Today I was reminded of something that I knew but forgot. The IIS Metabase Explorer for IIS6 (or MetaEdit for IIS 4 and 5) is a very useful tool. I needed to blow away an inheritable attribute of the HttpRedirect property. The Metabase explorer made the task ridiculously simple.

The Metabase Explorer is part of the IIS 6.0 Resource Kit.


Partition Misalignment can Cause Poor Performance

Here is an interesting Microsoft Knowledgebase article titled Disk performance may be slower than expected when you use multiple disks in Windows Server 2003, in Windows XP, and in Windows 2000.

It explains how partition misalignment can cause significant extra I/O by making reads and writes straddle track boundaries. The fix is to use the diskpart.exe utility to specify an alignment offset when you first create the partition.

This is similar to what you do with SAN storage to align the starting offset to “significant” boundaries. See the 3/31/08 post for more details.

Using Diskpart to Align a Windows Disk Partition

There is an EMC whitepaper titled Using diskpar and diskpart to align partitions on Windows Basic and Dynamic Disks. It describes how legacy Windows issues cause a single disk I/O to span multiple tracks, which puts an unnecessary load on the SAN and reduces performance. The fix is to align the partition. Below is a sample session using the DISKPART utility; a comment precedes each command.

Invoke Diskpart

C:\>diskpart
Microsoft DiskPart version 5.2.3790.3959

Copyright (C) 1999-2001 Microsoft Corporation.

On computer: MYTESTBOX

You must select the disk to act on

DISKPART> select disk 5

Disk 5 is now the selected disk.

Create a partition using the EMC-recommended alignment offset

DISKPART> create partition primary align=64

DiskPart succeeded in creating the specified partition.

Select the partition / volume that you just created

DISKPART> select volume=0

Volume 0 is the selected volume.

Assign a drive letter

DISKPART> assign letter=o

DiskPart successfully assigned the drive letter or mount point.

Exit Diskpart

DISKPART> exit

Leaving DiskPart...


You can now use the disk management MMC to format the partition

Simple SQL Server Log Filter / Review Script

Here's a very basic log filtering/review script that you can run on a daily basis to review your SQL Server logs. It shows the last two days of log entries, filtering out logon and backup entries.

-- daily log review script
SET NOCOUNT ON;
CREATE TABLE #ErrorLog
(
  LogDate DATETIME,
  ProcessInfo NVARCHAR(40),
  ErrorText NVARCHAR(2048)
);
INSERT INTO #ErrorLog
EXEC master..sp_readerrorlog -1;

SELECT * FROM #ErrorLog
WHERE LogDate > DATEADD(dd, -2, GETDATE())
AND ProcessInfo <> 'Logon'
AND ProcessInfo <> 'Backup';

DROP TABLE #ErrorLog;

I’m currently cooking up some VBScript to filter and e-mail log entries on a daily basis. I’ll publish that soon.

Basic Database Inventory Script

CREATE TABLE #tempresults2
(
  database_name NVARCHAR(128),
  backup_start_date DATETIME
);
INSERT INTO #tempresults2
SELECT database_name, backup_start_date
FROM msdb.dbo.backupset AS b1
WHERE backup_start_date =
  (SELECT MAX(backup_start_date)
   FROM msdb.dbo.backupset AS b2
   WHERE b1.database_name = b2.database_name
   AND TYPE IN ('D', 'I'));

WITH TBL_CTE (name, Size_MB, create_date, compatibility_level, [state], recovery_model, page_verify_option) AS
(
  SELECT, CONVERT(DECIMAL(12,2), ROUND(SUM(f.[size])/128.000, 2)) AS Size_MB,
      d.create_date, d.compatibility_level, d.state_desc, d.recovery_model_desc, d.page_verify_option_desc
  FROM sys.master_files f
  INNER JOIN sys.databases d
      ON f.database_id = d.database_id
  GROUP BY, d.create_date, d.compatibility_level, d.state_desc, d.recovery_model_desc, d.page_verify_option_desc
)
SELECT name, Size_MB, create_date, compatibility_level, [state], recovery_model, page_verify_option,
    tr2.backup_start_date AS last_backup, GETDATE() AS inventory_date
FROM TBL_CTE
LEFT OUTER JOIN #tempresults2 tr2
    ON = tr2.database_name;
DROP TABLE #tempresults2;

Starting Windows Performance Logging at boot time

Performance logging will not start on its own at boot time. Here’s how to get around that problem.


Applies to: W2k3, XP

  1. Using the Performance MMC, create a set of counter logs.
  2. Use a specific name to save the settings, e.g., SQLPERF.
  3. At the command prompt, try starting and stopping performance logging using the logman.exe utility:
    1. logman start sqlperf
    2. logman stop sqlperf
  4. Set the Windows registry to automatically start performance counters at system startup
    1. Open the Registry Editor, regedit.exe.
    2. Navigate to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    3. Add a string value. A good name would be logman.
    4. Set the value equal to logman start sqlperf (or the command in step 3 that successfully started performance logging).



Query to get last database backup dates

Here’s a simple query to find the last backup dates:


SELECT backup_start_date, database_name
FROM msdb.dbo.backupset AS b1
WHERE backup_start_date =
  (SELECT MAX(backup_start_date)
   FROM msdb.dbo.backupset AS b2
   WHERE b1.database_name = b2.database_name
   AND type = 'D')

SQL Server Best Practices Analyzer (BPA)

A new version of the SQL Server 2005 Best Practices Analyzer (BPA) is here.

On a related note, the BPA reported several operating system issues that I was unaware of, including an issue where SQL Server’s working set gets paged to disk during large file copies. More info and a link to the Technet article discussing this issue can be found here.

First stab at a database inventory script

Compatible with SQL Server 2005:

USE master;
CREATE TABLE #tempresults
(
    [name] sysname,
    db_size NVARCHAR(13),
    [owner] sysname,
    [dbid] smallint,
    created NVARCHAR(11),
    [status] NVARCHAR(600),
    compatibility_level tinyint
);
INSERT INTO #tempresults
EXEC sp_helpdb;
SELECT, tr.db_size, db.compatibility_level, is_auto_shrink_on, state_desc, recovery_model_desc, page_verify_option_desc
FROM sys.databases db
JOIN #tempresults tr
    ON =
WHERE tr.dbid > 4  -- exclude the system databases: master, model, msdb, and tempdb
DROP TABLE #tempresults;

Searching for a column name in a SQL database

Here are a couple of different ways to search for a column name within a SQL Server database:

-- using information_schema views (preferred method)

SELECT sc.table_name
FROM information_schema.columns sc
INNER JOIN information_schema.tables st
ON sc.table_name = st.table_name
WHERE st.table_type = 'base table'
AND sc.column_name = 'ColumnToFind'
ORDER BY sc.table_name

-- old school
SELECT name
FROM sysobjects
WHERE id IN ( SELECT id
              FROM syscolumns
              WHERE name = 'ColumnToFind' )
AND xtype = 'U'

Changing database modes via systables

Script to change SQL Server database modes via systables. This lets you set modes, such as EMERGENCY, that cannot be set via the sp_dboption stored procedure.

-- change database mode via systables
USE master
-- Determine the original database status
SELECT [Name], DBID, Status
FROM master.dbo.sysdatabases
-- Enable system changes
EXEC sp_configure 'allow updates', 1
RECONFIGURE WITH OVERRIDE
-- Update the database status (32768 = emergency mode; see the bit values below)
UPDATE master.dbo.sysdatabases
SET Status = 32768
WHERE [Name] = 'DatabaseNameGoesHere'
-- Disable system changes
EXEC sp_configure 'allow updates', 0
RECONFIGURE WITH OVERRIDE
-- Determine the final database status
SELECT [Name], DBID, Status
FROM master.dbo.sysdatabases


1 = autoclose; set with sp_dboption.
4 = select into/bulkcopy; set with sp_dboption.
8 = trunc. log on chkpt; set with sp_dboption.
16 = torn page detection; set with sp_dboption.
32 = loading.
64 = pre recovery.
128 = recovering.
256 = not recovered.
512 = offline; set with sp_dboption.
1024 = read only; set with sp_dboption.
2048 = dbo use only; set with sp_dboption.
4096 = single user; set with sp_dboption.
32768 = emergency mode.
4194304 = autoshrink.
1073741824 = cleanly shutdown.

Note that these are bit values. For example, 24 = 8+16, so 24 means that truncate log on checkpoint AND torn page detection
are both set.
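
Because these are bit values, any status can be decoded mechanically with a bitwise AND against each entry in the table. A quick sketch in Python (the dictionary simply mirrors the table above; the function name is mine):

```python
# sysdatabases status bits, copied from the table above
STATUS_BITS = {
    1: "autoclose",
    4: "select into/bulkcopy",
    8: "trunc. log on chkpt",
    16: "torn page detection",
    32: "loading",
    64: "pre recovery",
    128: "recovering",
    256: "not recovered",
    512: "offline",
    1024: "read only",
    2048: "dbo use only",
    4096: "single user",
    32768: "emergency mode",
    4194304: "autoshrink",
    1073741824: "cleanly shutdown",
}

def decode_status(status):
    """Return the names of all flags set in a sysdatabases status value."""
    return [name for bit, name in sorted(STATUS_BITS.items()) if status & bit]

# The example from the text: 24 = 8 + 16
print(decode_status(24))  # ['trunc. log on chkpt', 'torn page detection']
```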



On a personal note, I am happy to report that I passed the ICCP Database Administration Exam at the mastery level. Passing this exam completes my degree requirements.

Open Source Diff Tool

Interesting tool:

To quote the authors: WinMerge is an Open Source visual text file differencing and merging tool for Win32 platforms. It is highly useful for determining what has changed between project versions, and then merging changes between versions.

I previously used windiff.exe, which is (or was) part of the Windows Resource Kit, to diff two files. More recently I have used the freeware Context editor, which has a very good diff tool built in.

On a related note, here’s a cool trick for finding registry differences between two machines: export the subkey of interest to a file on each machine and use a file diff tool to compare the two. By default, the Registry Editor exports Unicode, so either your diff tool has to support Unicode or you need to use the optional Win NT4/9x output format for your export.

Clustering Lab

I recently built a Windows Server 2003 cluster lab using a couple of PCs, two Adaptec AHA2940UW controllers, and an old SCSI drive. When configuring the SCSI HBAs, it is important to remember to disable SCSI resets.

Note that when shopping for surplus SCSI HBAs, the AHA2940UW is probably the oldest card that you can use. It has a flash-programmable BIOS.   You can download the last BIOS version produced for that card from Adaptec’s website.  The older 2940 (without the U in the part number) uses pluggable EPROMS.


While working on a client’s Exchange server, I stumbled across an interesting knowledgebase article: SMTP tar pit feature for Microsoft Windows Server 2003. Tarpits insert a delay into certain SMTP communications that are associated with spam or with other unwanted traffic. They work by slowing all responses that contain SMTP protocol 5.x.x error codes. For the Microsoft SMTP server the delay value is configurable. There are some caveats as to whether or not this will be effective in your environment and whether or not it will slow legitimate traffic. It is definitely worth checking out.

On a related note, it would be interesting to put a LaBrea Tarpit on the top and bottom IPs of an Internet-facing subnet, binding the first and last usable addresses to a LaBrea host. Zombie computers often do linear address space scans looking for victim machines. Having a tarpit at either end of the subnet could significantly slow zombie activity. It would also tend to clean up much of the junk that you see in your HTTP or IDS logs.

Automated, Scheduled Domain Controller Diagnostics

Wouldn’t it be nice to have the time once a week to run dcdiag against all of your domain controllers and review the results? (yeah, right) Well, I wrote a script to automate that process. It works like this: first, a subroutine enumerates the DCs and puts the result into an array of strings. Next, a function runs dcdiag against the list of DCs, looking for the string “failure”. If that string is found, it concatenates the server name and the failure string to a global string variable. At the end of this function, if a failure was found, the function returns True. If the function returns True, the script e-mails an alert with the necessary information.
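
The original was a Windows script; purely as an illustration of the same logic, here is a sketch in Python. The dcdiag /s: invocation is real, but the function names are mine, and the run parameter lets canned output stand in for a real domain controller during testing:

```python
import subprocess

def run_dcdiag(dc):
    """Run dcdiag against one DC and return its text output (Windows only)."""
    return subprocess.run(["dcdiag", "/s:" + dc],
                          capture_output=True, text=True).stdout

def find_dcdiag_failures(dc_names, run=run_dcdiag):
    """Collect 'server: line' strings for every output line mentioning a failure."""
    failures = []
    for dc in dc_names:
        for line in run(dc).splitlines():
            if "failure" in line.lower():
                failures.append(dc + ": " + line.strip())
    return failures  # a non-empty list means it is time to e-mail an alert
```

The injectable run function is just a convenience for exercising the string-matching logic without a domain handy.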

Retina WiFi Scanner

I audited my Wireless Access Point using the free Retina WiFi Scanner from eEye Digital Security. According to it, my WPA PSK key length was too short, so I increased it to around 25 characters. If you look at the scanner’s installation directory, there is a file named wepdic.txt. This is the wordlist that the scanner uses to attempt to brute force WEP keys. In theory you should be able to replace it with a larger wordlist.

Cain & Abel has been added to my list of “must have” security tools.  Essential for doing password audits.

Troubleshooting SQL Server with Filemon

Today I came across an interesting problem while changing the SQL Server service to run under a non-administrative domain account. Previously the service was configured to log on as LocalSystem, which has full rights locally but no domain rights. After the change, the service would start and then terminate. Here is a SQL error log snippet:

2007-02-13 15:05:01.29 spid5 Clearing tempdb database.
2007-02-13 15:05:01.58 spid5 Encountered an unexpected error while checking the sector size for file ‘k:\mssql\MSSQL\data\tempdb.mdf’. Check the SQL Server error log for more information.
2007-02-13 15:05:01.62 spid11 Starting up database ‘Student’.
2007-02-13 15:05:01.72 spid10 Starting up database ‘Diners’.
2007-02-13 15:05:01.80 spid9 Starting up database ‘distribution’.
2007-02-13 15:05:02.10 spid8 Starting up database ‘Inventory’.
2007-02-13 15:05:02.72 spid11 Starting up database ‘NorthwindReportData’.
2007-02-13 15:05:02.80 spid10 Starting up database ‘TSQLDB’.
2007-02-13 15:05:02.83 spid9 Starting up database ‘SSEMDB’.
2007-02-13 15:05:03.57 spid5 CREATE DATABASE failed. Some file names listed could not be created. Check previous errors.
2007-02-13 15:05:03.57 spid5 WARNING: problem activating all tempdb files. See previous errors. Restart server with -f to correct the situation.

Making the service account a member of the Administrators group fixed the problem, but of course this is not a good idea. I decided to use the SysInternals File Monitor, filemon.exe, to see if I could find the cause of the problem. What I found was that sqlservr.exe was trying to access the root of the volume where the SQL data files exist and was getting an access denied error. The fix was to grant the service account List access to the root of that volume. With that change, the SQL Server service came up and stayed up. I also found an article that points to the same solution for a similar problem: PRB: Error 5177 May Be Raised When Creating Databases

By the way, SysInternals was recently acquired by Microsoft and Mark Russinovich is now a Microsoft Employee. It appears that the great SysInternals utilities continue to be maintained.

Earlier Postings

…stuff imported from an earlier journal

2/3/07  I stumbled across a number of useful SQL security tools at

1/23/07  I ran into a problem configuring SQL XML support in IIS 6.0. When I ran a query, it came back with a 404 (page not found). The IIS log entry looks like this:

2007-01-24 01:04:07 GET /Northwind sql=select+*+from+Customers+For+XML+Auto&root=Customers 80 MACBETH\Administrator Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 404 2 1260

The last part of the string, ‘1260’, is the Win32 status. Running ‘net helpmsg 1260’ from the command prompt shows a problem with policies:

Windows cannot open this program because it has been prevented by a software restriction policy.

Doing some searching, I found the following useful articles:

HTTP 404.x-File or Directory Not Found (IIS 6.0)

IIS 6.0: ASP.NET Is Not Automatically Installed on Windows Server 2003

“HTTP Error 404 – File or Directory not found” error message when you request dynamic content with IIS 6.0

Enabling Web Service Extensions (IIS 6.0) … 2f-b029-aea2b0418bea.mspx

12/15/2006  I finally caught up with the times and replaced my AC97 audio with a SoundBlaster Audigy. The difference is quite noticeable. I also recently discovered EAC or Exact Audio Copy, a freeware program that accurately transcribes your audio CDs to WAV files. The combination of EAC and a decent sound card essentially turns your PC into a high-end CD player.

11/15/06  I purchased my fourth pneumatic nailer. This beauty is a framing nailer that shoots 2″ to 3 1/2″ nails. It makes quick work of many tasks around the home. By the way, did you know that “he who dies with the most tools wins”?

11/3/06 Today is my last day at Citigroup and two days after my 7th anniversary. Company management decided to eliminate the Diners Club systems development group based here in Denver. My job was among 168 of those affected.  It’s a shame because it was probably the best software development team within Citigroup.

7/15/06   I have decided to install security cameras around the house. One thing that I needed was connectors for 75 ohm RG6 cable. Most RG6 connectors are the ‘F’ style, while most security cameras use BNC connectors. I also needed replacement solder-tab batteries for our Interplak toothbrushes. After checking with several suppliers, I placed my order with All Electronics Wednesday evening. The parts arrived via USPS Saturday afternoon — very quick turnaround!

6/25/06  We have to relocate our gas meter. The utility and the building department have pretty stringent requirements for this, so Friday I took the Denver homeowner’s plumbing exam and pulled a plumbing permit. The plumbing inspection requires that you pressurize the gas line to 10 PSI and connect a gauge. You must demonstrate to the inspector that the gas piping can maintain pressure for at least 15 minutes. Not having a suitable gauge or test fixture, I went to General Hardware, purchased a few parts, and built the one shown here. The parts include a 0-30 psi gauge, a Schrader valve for applying and bleeding the compressed air, a 3/4″ tee, and the necessary reducers for the gauge and the Schrader valve.

6/19/06  A colleague recommended a really useful site for finding security tools:  Fyodor, the creator of Nmap and the maintainer of the site, surveyed security professionals and created a listing of the 100 most popular security tools.  Many of these tools have multiple uses. For example, the Paros proxy is a useful tool if you maintain and troubleshoot web sites.

6/1/06  Are your favorite troubleshooting tools not installed on the machine that you are currently working on? One solution is to install your applications on a USB drive. There is a site that offers a number of applications built to run from a USB or CDROM drive.

4/20/06  Hooray for the retarded kid! I finished up the OS course and took a DANTES exam. Only 7 semester hours to go!

2/21/06  Two useful measures of energy density are Watt hours/Liter (volumetric energy density) or Watt hours/kilogram (gravimetric energy density).  A gallon of gasoline has an energy density of 9000 watt hours per liter while a lead acid battery has an energy density of 40 watt hours per liter.  This helps explain why electric cars are not yet common.
Liquid hydrogen has a substantially lower volumetric energy density than gasoline, only 2600 watt hours per liter.  Don Lancaster has an excellent tutorial on energy fundamentals:
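
The ratios implied by those figures are easy to check (Python used purely as a calculator here; the densities are the ones quoted above):

```python
# Volumetric energy densities quoted above, in watt-hours per liter
gasoline = 9000
lead_acid = 40
liquid_h2 = 2600

print(gasoline / lead_acid)   # 225.0 -- gasoline stores 225x the energy per liter
print(gasoline / liquid_h2)   # roughly 3.5x liquid hydrogen
```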

1/6/06  Downloaded and installed GIMP on Linda’s XP computer. GIMP stands for GNU Image Manipulation Program. It seems to be a nice alternative to Photoshop.

1/2/06  Hooray for the retarded kid!  I’m finishing up my last fourteen semester hours of undergraduate work.  Today I am starting a course on operating systems.

12/28/05  Used an updated version of a familiar utility autoruns.exe from the website.  There are all sorts of places within Windows that a program can be automatically launched.  This includes services as well as programs launched as the logged-in user.  These guys seemed to have figured it all out.

12/27/05  ps command usage on AIX:

  • to display all processes with memory utilization use ps gv
  • to display all processes with memory utilization and command line ps gev

Interesting options from the man page (none of these are preceded by a - sign):

  • e  Displays the environment as well as the parameters to the command, up to a limit of 80 characters.
  • ew  Wraps display from the e flag one extra line.
  • eww  Wraps display from the e flag as many times as necessary.
  • g  Displays all processes.
  • u  Displays user-oriented output. This includes the USER, PID, %CPU, %MEM, SZ, RSS, TTY, STAT, STIME, TIME, and COMMAND fields.
  • v  Displays the PGIN, SIZE, RSS, LIM, TSIZ, TRS, %CPU, %MEM fields.
  • w  Specifies a wide-column format for output (132 columns rather than 80). If repeated, (for example, ww), uses arbitrarily wide output. This information is used to decide how much of long commands to print.

12/5/05  Grep Examples (in a Win32 environment)

  • Search a file for lines containing “cat” or “dog”:   grep -i "cat\|dog" file.txt   (here the escaped | symbol is a logical OR operator)
  • Search a file for lines containing both “cat” and “dog”:   grep "cat" file.txt | grep "dog"   (here the unescaped | symbol is the shell pipe, feeding the first grep’s output into the second)
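
A quick way to verify both patterns, using a throwaway pets.txt created inline (the filename and contents are just for illustration):

```shell
# Build a small sample file
printf 'my cat sleeps\nmy dog barks\ncat and dog play\nbird sings\n' > pets.txt

# OR: count lines containing "cat" or "dog" (the escaped \| is alternation)
grep -ic "cat\|dog" pets.txt        # prints 3 (the first three lines match)

# AND: lines containing both, chaining two greps with the shell pipe
grep "cat" pets.txt | grep "dog"    # prints: cat and dog play
```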

11/18/05:   Found a useful Win32 utilities site. Of particular note: MyUninstaller. Way more useful than the stock Add/Remove Programs control panel applet.

11/17/05: The Unix chsh utility can be used to change your working shell, but

  • This will only work if you have permissions to the passwd file
  • BOKS managed systems periodically push down the passwd file, which will overwrite your changes