Microsoft SQL Server reporting service comes along with powerful components to publish the Reports you want to show your Manager in the form of EXCEL, PDF or HTML.Reporting ServerReport Server DatabaseReport Manager.

Once you have created a database definition by defining a connection with any open database connectivity database using Report Server Database, your Reporting Server is ready to be publish the Reports, the next step is to specify the tables from which you want to retrieve the information to be use in your Reports. With the help of Reporting Manager which gives you the power to graphically manage your Reports is the most important tool Ms provided, it can also work from within Visual Studio.Net to manage your Reports layout by specifying the layout and format.

By demanding the reports on request or by having a subcription to Reporting Server you can have your reports generated and published in the form of PDF, HTML and EXCEL.

In the end what I've seen that MS Reporting tools are the next generation reporting tools which would out perform the 3rd party reporting services.

Cheers,~Danish Sami (UG Leader)
8:48 PM 10/28/2004

Recently a bug found in ASP.Net you may call this a vulnerability

What Vulnerability Microsoft found in its product?
Recently in ASP.Net MS found a vulnerability that anyone can compromise the Web Server security that runs ASP.Net and bypasses the Webform and Windows security mechanism. As per MS this vulnerability in mostly in every version of ASP.Net

What MS is doing in order to fix the above mentioned vulnerability?
MS has released an HTTP (Hypertext Transfer Protocol) module (in our terminology a patch) that Web admins could install and apply to the Windows Web Server in order to become safe from this canonicalization problem.

What could one do so no one compromise your ASP.Net web server security?
MS has released a tool which automatically scans a machine and determine whether the ASP.Net Web server is vulnerable and does the update installed, you may download the ValidatePath tool from MS website. Or if you are sure that you didn't apply the security module you may contact MS and download the update directly.
For additional guidance on how to install and deploy the update, administrators should read this Knowlege Base article
MS is also recommending developers to programmitically check for this canonicalization problem. You may implement the MS recommendation by following this Knowledge Base article
MS strongly recommends to update the machines in order to safe from this vulnerability.

Cheers,

-Danish Sami

Microsoft SQL Server 2005 code name Yukon, falls under Trustworthy Computing initiative. According to MS it is secure by design, secure by default, and secure by deployment. Lets take a look from every secure aspect.

Secure by design

Since 2000 MS started Trustworthy Computing initiative, all applications since then have been comlpetely designed to take advantage. SQL Server 2005 Yukon is also taking advantage of Trustworthy Computing, it means during its design MS tried harder to make SQL Server secure. It willl become more easier to understand Secure by design when we further look to other apects.

Secure by default

Back to old days when MS Server-side products comes along with default or no security settings. So if you were running in an environment where you don't need security you never care, but if you were dealing in a client server scenario where you were managing clients either on intranet or internet, security was a special consideration that ultimatly require deep understanding of configuring security settings. Now the best thing is Yukon comes along with default security settings which means only those areas which are of interest by default will be enabled and those which require tight configuraton are not enabled by default, so incase if you don't know how to configure security or forgot to do so, Yukon is still providing security by default.

Secure by deployment

Lets understand Secure by design more by understanding Secure by deployment. As I already said that Yukon is following the Trustworthy Computing from the beginning, Trustworthy enabling means that Yukon is built on a secure framework or in other words the secue layer is in its underlying architecture. By driving from this framework it becomes patch enabled what I mean is, if any part of its architecture is becoming week on security perspective or if there is any loop hole, the patch management functionality overcome this weakness. Yukon comes along with patch management tools, by configuring the option for automatic Patch update, Security updates will automatically be applied whenever is their any available, or to configure the security settings certain options are available so you could configure the security according to your needs.

To give you a quick insight I discuss the above, in order to gain additional information there are technical white papers available on MS website for SQL Server 2005 Yukon .

Cheers,

-Danish Sami,

Software Asset Management of SDA in short is a management framework to intelligently manage repository of artificats (source code, usecases, testing usecases) in a managed fashion by providing searching facility in a more advanced fashion. Every asset is defined as member of some category and that category will behave like a component, and to keep it more organized. It also contains the engine which they called 'Logidex discovery engine' which runs behind the scenes and does the actual job.

While surveing the Visual Studio 2005 Team System home I found a link to .Net Logidex Library which was a proof of concept or implementation of such SDA. Microsoft is hosting this SDA on its MSDN lab site and it is subject to change in the future. This implementation strongly follow the Platform Architectural Guidance or PAG in short to achieve the accuracy for the .Net assets.

Currently these SDA components are available in the respository

Microsoft Enterprise Solution PatternsMicrosoft .Net Framwork namespaces documentation.Net Application Building BlocksPet Shop 3.0Throughout the SDA compoenents, there was much more. The SDA components even have a relationship with some other components to define relationship among them. This can maximize the internal relationship where organizational boundaries among the development libraries, components are required.

Cheers,
-Danish Sami

As with the announcement of the new version of Microsoft SQLServer.Net code name "Yukon", lots of features are now available to the developers from programmatic point of view and to the security experts from management point of view. I think I am one of those people who earlier thought about SQLServer to really take advantage of .Net Framework and the Runtime.

If you think about .Net enabling SQLServer, you are creating a system where you can work more securly if comparing to the programmatic efforts you are doing. By .Net enabling the SQLServer means the programming modules in SQL like the stored procedures and functions could use the syntax understand by the .Net Runtime, like the language constructs of VB.Net or C#. Think about calling some application from within your SQL using these constructs or calling some component written in C# or Vb.Net you could save your program from exposing what is the next step to perform.

Lets take an example, you are running a website, on your initial page you are displaying how many number of users are connected, you simply execute a stored procedure that has a syntaxt similar like this

CREATE PROCEDURE showOnlineUsers
(
AS EXTERNAL NAME
no_of_users = SQLSERVER_CALLING_CONVENTION_FOR_CLR.YOUR_NAMESPACE.YOURMETHOD
return no_of_users
)

Or lets say you want to authenticate someone on your site using the Passport Authentication mechanism, for this in SQL query you could call some method residing on a remote machine which has a Platform SDK installed which goes to Microsoft website and returns the User Profile to the calling machine which initially executes the query for authentication.

These are some of the examples to understand the power of .Net enabling the Microsoft SQLServer.

Yokon... .Net ... what else you require. I thought .Net enabling the SQLServer is the most blasting feature MS ever provide.

Cheers,

-Danish Sami