I have a question related to the limiting of the access to a database network for the users that are allowed to log on to it.
The problem is that the databases are huge (they contain hundred of millions of records) and without a few precautions, letting the logged-in users do whatever they want creates chaos.
For instance, allowing a simple SELECT query to run without any constraints might unnecessarily clog the access to the databases for other users.
So far, the following recommandations have been made in order to limit the access:
-
Using the "
SET QUERY_GOVERNOR_COST_LIMIT 900
" clause in the query windows in order to limit the usage of the database up to a quarter of hour. -
Limiting any SELECT queries using "
TOP 15
" clauses in order to limit the retrieval of records from those hundred milion records to a bare sample of fifteen records. -
Using the "
WITH (NOLOCK)
" and "WITH (READUNCOMMITTED)
" clauses in order to prevent the databases from being locked. Of course, there are other differences between these two clauses that have been already discussed elsewhere. -
Using scheduled tasks that programatically kill any unatended connections at a specific moment of time when supposedly the users should have already closed all their work, so that the relational database management system does not have any unnecessary load left over the termination of the user interaction with it.
Are there any other suggestions that might affect the speed of the database usage?
Of course, most of the allowed usage is strictly limited to querying. Manual updating and inserting of records is very infrequent. The creation of temporary tables is not recommended and it is almost prohibited.
Any other type of usage can be remotely isolated by using other relational database management systems, where – through link servers – data can be brought in and manipulated without further restrictions.
Best Answer
Allowing even trusted users to login to what appears to be a production database is in my mind a big no-no. The solutions you mention above may provide you with a sense of security/relief but they their own have side effects.
I would be particularly worried about your statement
If you have users who are updating/insert records then I am sure they are also deleting records most likely with no or a very limited audit trail.
If this was my database I would