Policy Management Administration - SQL Server 2008

A variety of tools and features are available to help administrators manage PM. As mentioned previously in this chapter, policy history is stored in the msdb database. Along with that history, the msdb database stores almost everything PM-related, including policies and conditions. Thus, it is critical that you take regular backups of msdb to avoid losing any policy configuration information.

Policy Status

When you enable a policy, Object Explorer will show you objects that violate that policy. For example, suppose that you set your TableNamePolicy policy to only log out-of-compliance changes instead of preventing them, and then created some tables. Object Explorer might look something like Figure. As you can see, Object Explorer has a special icon for items that have violated a policy.

Object Explorer showing objects and folders that violated one or more policies

Object Explorer showing objects and folders that violated one or more policies

You can view the policies that affect any object. For example, if you right-click dbo.tblCustomers in Figure and select Policies ➤View Policy, you will be presented with a window that shows all the policies on the server that affect the dbo.tblCustomers table object, as shown in Figure.

In the View Policies window shown in Figure, you can see that the Table Name Policy policy was violated. The History column provides a link to view the history of this policy, and the Evaluate column has a link to rerun the policy (in case you managed to fix the problem and want to make sure you are within compliance of the policy).

The Log File Viewer window launched from the View Policies window is the same as the viewer that can be launched from other areas in Object Explorere. This viewer reads historical information from system tables inside the msdb database and presents this data in a more readable format. The information that is contained in the history is made up of some metadata describing the policy runtime history, including when the policy was executed, the target for the policy, and some XML describing the violation if any occurred.

Viewing policies for a given object

Viewing policies for a given object

Log File Viewer window showing policy history

Log File Viewer window showing policy history

When you drill down on a specific error in the viewer, the XML that describes the error is shown. This is particularly helpful in cases where the errors involved some sort of automation. This XML describes the policy, expected values, and actual values obtained. Since XML doesn’t have a lot of aesthetic qualities, and fairly simple definitions could be pages in length, a Detailed View window pops up whenever you click the Details column in the viewer. In Figure, if you clicked the highlighted

Details cell, you would be presented with the window shown in Figure.

Detailed view of policy condition and runtime results

Detailed view of policy condition and runtime results

The Detailed View window shows exactly which part of the condition within the policy failed. In this case, the condition applies to the schema for the table to be within developer or test, and this is shown with the grouping of AND and OR on the left side of the window. Since this condition was satisfied, you see a green check for the Schema group. However, the Name condition was violated, and hence it is shown with a red X, indicating failure. You can see the expected value was a name that has tbl as the first three characters and the actual value was Orders, which is in violation of the policy. This may be very intuitive for simple policies, but as policy conditions get more complex, this user interface will be a welcome asset when debugging your policy violations.


All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

SQL Server 2008 Topics