Archive for the ‘SQL’ category

End of support for Microsoft SQL 2012

July 15th, 2022

Microsoft on Tuesday announced that it will no longer be supporting SQL Server 2012.

On July 12, 2022, the product reached the end of its 10-year support model. This means that SQL Server 2012 will no longer get security patches from Microsoft. The server continues to run under such circumstances, but organizations may be exposed to future security issues and could be encumbered by the compliance implications of running unsupported software.

Organizations that need to stick with SQL Server products have four options:

  • Organizations can upgrade to SQL Server 2019.
  • Organizations can continue to use SQL Server 2012 and get “Critical” security patches only via Microsoft’s Extended Security Updates (ESU) program for up to three years.
  • Organizations can move their SQL Server 2012 workloads into Microsoft Azure virtual machines, where Microsoft provides the ESU patches at no cost.
  • Lastly, Microsoft advocates using Azure SQL Managed Instance, which is an Azure platform-as-a-service offering that promises high compatibility with on-premises SQL Server.

The Azure SQL Managed Instance option is similar to the Azure Arc-enabled SQL Managed Instance service, but the latter lets organizations continue to use their own infrastructure. The nuances between those two options are described in this Sept. 30, 2020 Microsoft Tech Community post.

While the ESU program offers a grace period of sorts for SQL Server 2012 users, its use with on-premises servers comes with licensing requirements. Organizations will need to have Software Assurance coverage, which is an annuity cost. However, they can only buy ESUs when they have an “Enterprise Agreement (EA), Enterprise Subscription Agreement (EAS), a Server & Cloud Enrollment (SCE) and Enrollment for Education Solutions (EES)” licensing, according to Microsoft’s end-of-support FAQ document.

The ESU program lets organizations buy Critical security patches in one-year increments, for up to three years maximum. Microsoft hikes the ESU price each year by 25 percent of the base price of the SQL Server 2012 license, according to the following formula:

  • Year 1: Approximately 75% of full license price
  • Year 2: Approximately 100% of full license price
  • Year 3: Approximately 125% of full license price

Those incremental fees no doubt are designed to prod organizations into moving their SQL Server 2012 workloads into Azure virtual machines, where Microsoft provides ESU patching for free.

For organizations making the move to cloud services, Microsoft’s Azure Migration and Modernization Program offers either Microsoft or partner support for moves to Azure services. This program is billed as being available to organizations of all sizes, and bearing “no additional cost” for Azure customers, per its landing page.

Microsoft has recently beefed up the funding for the Azure Migration and Modernization Program.

“We’re now investing significantly more to support your largest Windows Server and SQL Server migration and modernization projects, up to 2.5 times more than previous investments, based on project eligibility,” the announcement indicated. “This investment will help with your migration in two ways: partner assistance with planning and moving your workloads, and Azure credits that offset transition costs during your move to Azure Virtual Machines, Azure SQL Managed Instance, and Azure SQL Database.”

The announcement also warned that Windows Server 2012 and Windows Server 2012 R2 will be reaching their end-of-support phases next year, on October 10, 2023.

Microsoft plans to offer its ESU patch program and its Modernization migration support program for those servers as well.

Next year, in April, many of Microsoft’s 2013-branded application servers will also fall out of support.

Note: Before you upgrade SQL, check the compatibility of the software that runs on it with the new version of SQL. You may be faced with the need to also update those systems to later versions, for example older versions of Dynamics Ax.

KB5006943 – On-demand hotfix update package for SQL Server 2016 SP3

November 1st, 2021

This update https://support.microsoft.com/en-us/topic/kb5006943-on-demand-hotfix-update-package-for-sql-server-2016-sp3-94de2975-cd7d-47ed-b003-5d7daf4e2caf contains hotfixes for issues that were fixed after the release of SQL Server 2016 SP3 (https://support.microsoft.com/en-us/topic/kb5003279-sql-server-2016-service-pack-3-release-information-46ab9543-5cf9-464d-bd63-796279591c31 ). To apply this hotfix package, you must have SQL Server 2016 installed on your computer.

Note: The build number of the hotfix update package is 13.0.6404.1.

August 24th, 2021

A bungled data migration of a network drive caused the deletion of 22 terabytes of information from the Dallas Police Department’s systems, including case files in a murder trial, during a data migration exercise carried out at the end of the 2020-21 financial year.

“On August 6, 2021, the Dallas Police Department (DPD) and City of Dallas Information and Technology Services Department (ITS) informed the administration of this Office that in April 2021, the City discovered that multiple terabytes of DPD data had been deleted during a data migration of a DPD network drive,” said a statement [PDF] from the Dallas County prosecutor’s office.

14TB were recovered, presumably from backups, but “approximately 8 Terabytes remain missing and are believed to be unrecoverable.”

The Home Office initially issued a statement saying the data loss was down to a “technical issue”, which had been resolved. There must have been some technical resolution, because the Home Office later said it was not a technical issue after all but in fact a “housekeeping error”, with Home Secretary Priti Patel saying: “Home Office engineers continue to work to restore data lost as a result of human error during a routine housekeeping process earlier this week.”

In a letter published by The Guardian, National Police Chiefs’ Council (NPCC) deputy chief constable Naveed Malik, lead for the organisation on the Police National Computer (PNC), said approximately 213,000 offence records, 175,000 arrest records and 15,000 person records had potentially been deleted in error. The DNA database connected to the PNC saw 26,000 records corresponding to 21,710 subjects potentially deleted in error, “including records previously marked for indefinite retention following conviction of serious offences”. The letter also said 30,000 fingerprint records and 600 subject records may have been deleted in error.

The PNC dates back to the 1970s. The current iteration is a Fujitsu BS2000/OSD SE700-30 mainframe based in a Hendon data centre, running Software AG’s ADABAS database, which uses the Natural programming language. The UK’s territorial and regional police forces, Serious Fraud Office, Security and Secret Intelligence Services (MI5, MI6), HM Revenue & Customs, and the National Crime Agency all make use of it. They have controlled and 24-hour access from remote terminals and through local police force systems.

These incidents highlight the importance of backups and of backup and recovery processes. How often do you test whether you can restore your backups? Does this still work for restoring older backups when you upgrade? Has a move to the cloud changed the retention of your backups, the frequency of upgrades, or the ease or time for restore?

Quickly identify and fix your performance bottleneck

May 4th, 2021

Are you responsible for a busy SQL server, for example the Finance Department’s systems, documentation management, CRM, BI, or a Web Server, or perhaps a busy file and print server, or something else entirely?

Were you responsible for installing the application running the workload for your company? Is the workload business critical, i.e. TOO BIG TO FAIL?

Do users, or even worse, customers, complain about performance?

If you are responsible for keeping workloads running in your organization that would benefit from additional performance, please read on, even if you don’t consider yourself a “Techie”.

Windows and VMs are both sources of high latency that impacts performance.

Variables Affecting the Performance of the Applications

There are many variables that affect the performance of those applications. The slowest, i.e. the most restrictive of these is the “Bottleneck”. Think of water being poured from a bottle. The water can only flow as fast as the neck of the bottle, the ‘slowest’ part of the bottle.

In computer hardware, the bottleneck will almost always fit into one of the following categories:

  • CPU
  • DISK
  • MEMORY
  • NETWORK

With Windows, it is usually very easy to find out which one the bottleneck is in, and here is how to do it (like an IT Engineer):

  • To open Resource Monitor – click the Start menu, and type “resource monitor”, and press Enter. Microsoft includes this as part of the Windows operating system and it is already installed.
  • Notice the graphs in the right-hand pane. When your computer is running at peak load, or users are complaining about performance, which of the graphs are ‘maxing out’? This is a great indicator of where your workload’s bottleneck is to be found.

What You Can Do to Improve Application Performance

Once you have identified your bottleneck, the slowest part of your ‘compute environment’, what can you do to improve it?

The traditional approach to solving computer performance issues is to throw bigger and more powerful hardware at the solution like an extra disk or a new laptop, or putting more RAM into your workstation, or on the more extreme end, buying new servers or expensive storage solutions.

How do you decide when it is appropriate to spend money on new or additional hardware, and when it isn’t? Well, the obvious answer is: it isn’t when you can get the performance that you need with the existing hardware infrastructure that you have already bought.

You don’t replace your car just because it needs a service or tuning, do you?

Let’s take disk speed as an example. Look at the response time column in Resource Monitor. Open the monitor to full screen or large enough to see the data. On the Overview tab, open the Disk Activity section so that you can see the Response Time column.

Do it now on the computer you’re using to read this. (You didn’t close Resource Monitor yet, did you?) This shows the Disk Response Time, or how long the storage is taking to read and write data. Of course, a slower disk speed means slower performance, but what is considered a good disk speed or a bad speed?

Scott Lowe has written a great post, TechRepublic: Use Resource Monitor to monitor storage performance, that perfectly describes what to expect from faster and slower Disk Response Times:

“Response Time (ms). Disk response time in milliseconds. For this metric, a lower number is definitely better; in general, anything less than 10 ms is considered good performance. If you occasionally go beyond 10 ms, you should be okay, but if the system is consistently waiting more than 20 ms for response from the storage, then you may have a problem that needs attention, and it’s likely that users will notice performance degradation. At 50 ms and greater, the problem is serious.”

I hope when you check on your computer, the Disk Response Time is below 20 milliseconds. What about those other workloads that you were thinking about earlier? What are the Disk Response Times on that busy SQL server, the CRM or BI platform, or those Windows servers that the users complain about?

Your Two Options

When the Disk Response Times are often higher than 20 milliseconds, and you need to improve the application performance, then it’s choice time and there are two main options:

  • Storage workload reduction software like DymaxIO™ fast data (Diskeeper®, SSDkeeper®, and V-locity® are now new DymaxIO fast data software). This tool will reduce Disk Storage Times by allowing much of the data that your applications need to read to come from a RAM cache, rather than be read from slower disk storage. RAM is much faster than the media in your disk storage. Contact us to trial this. You don’t even need to reboot.
  • If you have tried the DymaxIO software, and you still need faster disk access, then, it’s time to start getting quotations for new hardware. It does make sense though, to take a couple of minutes to install DymaxIO first, to see if that can be avoided. The software solution to remove storage inefficiencies is typically a much more cost-effective solution than having to buy hardware! A software solution to a software problem.

Improve Your Application Performance by Decreasing Disk Latency like an IT Engineer – call us to learn more 0097143365589

Snaplogic iPaaS now even better – ask Synergy Software Systems

April 29th, 2021

We’re excited to announce the ‘February 2021’ release of the SnapLogic Intelligent Integration Platform. In this release, there are a number of new Snap Packs: Marketo and HubSpot for marketing automation, Microsoft Teams and Power BI for team communication and analytics respectively, and OpenAPI to connect to any OpenAPI-compliant endpoints.

Support for Azure Synapse Analytics has also been added to our ELT capability. Platform enhancements include:

  • higher productivity through expanded Universal search,
  • platform notifications to Slack,
  • better reliability through Snaplex level scheduling, and more.

Hassle-free connectivity with NEW Snap Packs

New Snap Packs provide out-of-the-box connectivity to key enterprise endpoints. For example, the new Marketo and HubSpot Snap Packs allow you to connect seamlessly to these marketing automation systems. Easily manage marketing assets/campaigns or leads that enter your marketing funnel. While the HubSpot Snap Pack supports CRUD (create, read, update, delete) operations, the Marketo Snap Pack allows you to do bulk operations on leads.

With these Snap Packs, quickly sync your assets and leads data across Marketing, Sales, and other functional areas and easily connect to event/survey applications such as Eventbrite and SurveyMonkey, to Demand Generation tools such as Google Ads and LinkedIn, and to Analytics endpoints such as Microsoft Power BI and Tableau.

The Microsoft Power BI Snap Pack is also new and allows you to connect your Power BI instance to hundreds of data sources to bring your data to life with live dashboards and reports. Visualize your data and share insights across teams or embed these in your app or website. The Snap Pack helps you to post, push datasets, read, and edit so that you can easily query data, create/bind entities, import files, and update entities.

For an organization that has a heavy investment in the Microsoft ecosystem, the new Microsoft Teams Snap Pack allows you to easily integrate Microsoft Teams into your enterprise workflows for customers, employees, and teams. This Snap Pack supports accounts such as OAuth2 User, Application, and Dynamic accounts to adhere to your enterprise security standards. Use it to send messages, perform channel operations, and perform team operations.

Another key new Snap Pack with this release is the OpenAPI Snap Pack. Most API endpoints today adhere to the OpenAPI specification version 2 or 3. Leverage this Snap Pack to connect to any API endpoint with the published OpenAPI specification so that users can get all the needed documentation while they build their automated workflows. More efficiently connect to any generic endpoint without the need for specific Snaps.

Improved connectivity with other Snap Pack enhancements

The Google Sheets Snap Pack now supports the JSON-based version 4 of the API rather than the XML-based version 3.

Kafka Snap Pack updates now support reading/writing record headers and timestamps, and provide an option to choose one output document per batch. The latter feature allows systems that don’t natively support streaming data to effectively work with Kafka messages by batching them together.

Amazon Redshift and Amazon SQS Snap Packs provide cross-account IAM support that allows organizations to trust and allocate roles with specific access privileges to specific groups or users.

Pushdown to any cloud data warehouse including Azure Synapse 

Over previous releases, SnapLogic has introduced ELT support for the Snowflake and Redshift cloud data warehouses so that you can do both ETL and ELT on a single platform. The ELT support is extended to Azure Synapse with this release. With ELT for Azure Synapse, you can accelerate data loading into Azure Synapse and gain the flexibility to transform data using all computing resources across SnapLogic and Azure Synapse, thus reducing TCO and enabling a faster time-to-value.

With the SnapLogic platform you extract data from SaaS applications and databases with a vast number of Snaps. Once the data is in the staging area in Azure Cloud Storage, you visually define data transformations, with no need to write SQL. These visual transformations are converted into SQL statements and pushed to Azure Synapse for execution.

New features added to SnapLogic ELT make it easy to discover schema and SQL functions in the target cloud data warehouse. The platform provides suggestions for column names during LOAD, INSERT SELECT or MERGE INTO operations. The platform also provides SQL function suggestions when working with your target cloud data warehouse. To deal with the large number of SQL functions that the various cloud data warehouses support, the functions are grouped into different categories to simplify discovery.

Better Ease of Use and improved resiliency with the Platform Updates

The SnapLogic Intelligent Integration platform continues to evolve to make it easy for integration developers, whether they are technical or non-technical, to build and monitor integrations. 

Universal Search, as the name suggests, helps you search everything related to SnapLogic, all from a single search box. With the February release, it now performs pipeline searches in addition to the searches in Community, Configured Snaps and Documentation. This is not just a simple text-based search. The Iris AI integration assistant provides more relevant search results across generic content (in community and documentation) and specific content from your org (such as pipelines or configured Snaps that you have access to).

Figure 1: Universal search now supports pipeline searches

To efficiently monitor your integrations use the platform notifications to Slack. Users then get notified via Slack for any notifications from SnapLogic platform such as Daily API Usage, Snaplex Congestion, CPU usage, user activity, in addition to email notifications. Send notifications either on Slack Channels or directly to users.

Figure 2: Configuring Notifications to Slack

Enable Snaplex-level scheduling for all the scheduled tasks. This update reduces the time difference between the scheduled time of task execution and the actual time of task execution. With this update, your scheduled tasks won’t be affected by network disruption of the control plane, helping you reliably deliver data that advances business processes and delivers insights.

10 X Faster Reports on SQL! Run Time from 30 Mins to 3 Mins! Ask Synergy Software Systems

April 27th, 2021

The performance degradation of applications running on Windows and VMs is getting inherently worse. This includes latency issues, queries or reports timing out, crashes, missed SLAs, back office batch jobs bleeding over into production hours, and the litany of “shadow IT” problems that wreak havoc.

Even after migrating to a brand-new flash array, performance problems return because the root source of the problem still exists. The fact is, 30-40% of performance is being robbed by small, fractured, random I/O being generated due to operating system I/O inefficiencies. This is a software problem that is solved by our software.

DymaxIO™ fast data software will quickly:

  • Increase performance automatically – no tuning required. Simply install and watch performance problems disappear.
  • Optimize writes so maximum payload is carried with every I/O operation.
  • Speed up I/O intensive applications like MS-SQL/Oracle, CRM, ERP, File Servers, Imaging, Web Servers, Backups, VDI.

Install our software on your most troublesome servers and see 30-50% or more of the noisy, garbage I/O offloaded and performance dramatically improved.

Extended Events – Security Issue – SQL Server 2019, 2017, 2016, 2014

January 13th, 2021

Microsoft has fixed vulnerabilities in Extended Events that “may cause code to run against the SQL Server process if a certain extended event is enabled.”

• KB 4583468: https://support.microsoft.com/en-us/help/4583468/kb4583468-microsoft-sql-server-elevation-of-privilege-vulnerability
• CVE-2021-1636: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1636

Lots of patching to do:
• SQL Server 2019 CU8 GDR
• SQL Server 2017 CU22 GDR
• SQL Server 2016 SP2 CU15 GDR
• SQL Server 2014 SP3 CU4 GDR
And there are GDRs for other patch levels too, like if you’re on 2016 but not on SP2 yet.
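
To decide which servers to patch first, it helps to know each instance's servicing level and which Extended Events sessions exist on it. The following T-SQL is an added example, not taken from Microsoft's advisory; it uses only standard catalog views and DMVs and changes nothing on the server.

```sql
-- Added example (not from KB 4583468). Read-only inventory for one instance.
SET NOCOUNT ON;

-- 1. Build and servicing level, to compare against the GDR/CU list above.
--    ProductUpdateReference returns the KB article of the installed update.
SELECT SERVERPROPERTY('ProductVersion')         AS product_version,
       SERVERPROPERTY('ProductLevel')           AS product_level,
       SERVERPROPERTY('ProductUpdateLevel')     AS update_level,
       SERVERPROPERTY('ProductUpdateReference') AS update_kb;

-- 2. Extended Events sessions that are running now, and the events they collect.
SELECT s.name       AS session_name,
       s.create_time,
       p.name       AS package_name,
       e.event_name
FROM sys.dm_xe_sessions AS s
JOIN sys.dm_xe_session_events AS e
  ON e.event_session_address = s.address
JOIN sys.dm_xe_packages AS p
  ON p.guid = e.event_package_guid
ORDER BY s.name, e.event_name;

-- 3. Sessions defined on the server, running or not, and whether they
--    start automatically with the instance (startup_state = 1).
SELECT es.name        AS session_name,
       es.startup_state,
       ev.package     AS package_name,
       ev.name        AS event_name
FROM sys.server_event_sessions AS es
JOIN sys.server_event_session_events AS ev
  ON ev.event_session_id = es.event_session_id
ORDER BY es.name, ev.name;

-- 4. Principals explicitly granted the right to create or alter event
--    sessions (sysadmin members hold it implicitly and are not listed here).
SELECT pr.name, pr.type_desc, pe.state_desc
FROM sys.server_permissions AS pe
JOIN sys.server_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.permission_name = N'ALTER ANY EVENT SESSION';
```

Compare the first result set with the fixed build listed for your version in the KB article; the page above does not give build numbers, so none are hard-coded here.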

Ransomware that is Devastating MySQL Servers – be aware

December 29th, 2020

PLEASE_READ_ME is an active ransomware campaign that has been targeting MySQL database servers and dates back to at least the start of this year. The attack chain is extremely simple and exploits weak credentials on internet-facing MySQL servers. There are close to 5M internet-facing MySQL servers worldwide.

MySQL servers have often been used as a low cost alternative for applications like Dynamics Ax Retail store databases.

250,000 databases are offered for sale in the attackers’ dashboard, from 83,000 successfully-breached victims.

If you are using MySQL databases then we strongly recommend that you immediately review your credentials security and reference the link above.
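
A starting point for that credentials review, as an added example that is not part of the original post: read-only queries for MySQL 5.7 or later that show whether the server listens on all interfaces and which accounts combine remote reachability with weak settings. Run them as an administrative user.

```sql
-- Added example (MySQL 5.7+ / 8.0). Read-only.

-- 1. Listening address and port. '*', '0.0.0.0' or '::' means every
--    interface, so exposure then depends entirely on the firewall.
SELECT @@GLOBAL.bind_address AS bind_address,
       @@GLOBAL.port         AS port;

-- 2. Accounts that may log in from any host, oldest password first.
SELECT user, host, plugin, account_locked,
       password_expired, password_last_changed
FROM mysql.user
WHERE host = '%'
ORDER BY password_last_changed;

-- 3. Accounts with no password stored. Socket-authenticated accounts are
--    excluded because they legitimately have an empty authentication string.
SELECT user, host, plugin
FROM mysql.user
WHERE (authentication_string IS NULL OR authentication_string = '')
  AND plugin NOT IN ('auth_socket', 'unix_socket');

-- 4. Password policy settings. An empty result means the validate_password
--    plugin/component is not installed and no policy is enforced.
SHOW VARIABLES LIKE 'validate_password%';
```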

DymaxIO Subscription Licensing -all Condusiv products now rolled into one for fast data.

October 21st, 2020

All of the technologies in V-locity®, Diskeeper®, and SSDkeeper® have been rolled into one new product – DymaxIO™.

New DymaxIO is fast data software. Whether on-premises or in the Cloud, DymaxIO returns 40%+ of your throughput that is being robbed due to I/O inefficiencies of Windows, SQL and virtualisation.

Fix your application slows, freezes, timeouts, slow SQL queries, reduce cloud compute costs, and more, at the source – no new hardware needed.
A software solution to a software performance problem.

DymaxIO is sold as an annual subscription which saves you money. Subscriptions are available for client, server, and host systems.

A new DymaxIO site license is also available to conveniently and cost-effectively optimize the performance of all Windows systems.

To improve performance across your systems call us on 009714 3365589

MrbMiner – act now to protect your SQL databases

October 3rd, 2020

MSSQL databases are under attack by a new devastating attack campaign. This time it is a dangerous malware called MrbMiner, which is devised by an experienced hacking group. At this moment there is no information available about the identity of the criminals behind it. The name was given to the virus after one of the domain names which was registered to spread it.

The attacks use a botnet approach: numerous computers and hacked hosts are tasked with the goal of automatically identifying accessible database servers on a given network. If one is found, an automated script will be invoked which will attempt to leverage various security exploits. The main technique used is brute-force attempts that use a dictionary or algorithm-based lists of usernames and passwords of the administrative users.

A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.

Thousands of MSSQL databases have been infected so far, according to the cybersecurity arm of Chinese tech giant Tencent. In a report published earlier this month, Tencent Security named this new malware gang MrbMiner, after one of the domains used by the group to host their malware. The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with various weak passwords.

Once the attackers gain a foothold on a system, they download an initial assm.exe file, which establishes a (re)boot persistence mechanism and adds a backdoor account for future access. Tencent says this account uses the username “Default” and a password of “@fg125kjnhn987”.

The last step of the infection process was to connect to the command and control server and download an app, a Trojan module that mines the Monero (XMR) cryptocurrency by abusing local server resources and generating XMR coins into accounts controlled by the attackers. It is also used to keep a connection to the hacker-controlled server, to take over control of the systems and to steal any files and data from the hacked hosts.

Usually, database servers are built on top of enterprise-grade and performance-optimized servers. For this reason, the hackers behind the ongoing campaign have implemented another dangerous action: deploying a cryptocurrency miner. This is a script configured to download multiple performance-intensive complex tasks onto the infected servers. They run automatically, which has a crippling effect on the usability of the systems. For every job reported as completed, the hackers receive cryptocurrency assets as a reward.

The attacks will probably change in the near future. They are particularly useful for spreading dangerous malware such as the Qbot Trojan.

LINUX AND ARM VARIANTS ALSO DISCOVERED

The MrbMiner C&C server also contained versions of the group’s malware written to target Linux servers and ARM-based systems.
The Monero wallet used for the MrbMiner version deployed on MSSQL servers stored 7 XMR (~$630). While the two sums are small, crypto-mining gangs are known to use multiple wallets for their operations, and the group has most likely generated much larger profits.
For now, what system administrators need to do is to scan their MSSQL servers for the presence of the Default/@fg125kjnhn987 backdoor account. In case they find systems with this account configured, full network audits are recommended.

A T-SQL query that will collect data for you:

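-- Count SQL logins named 'Default' whose password matches the backdoor password.
-- The variant with a trailing period is tested too, in case the period is part of the password.
SELECT COUNT(*) AS backdoor_logins
FROM sys.sql_logins AS s
WHERE s.[name] = N'Default'
  AND (PWDCOMPARE(N'@fg125kjnhn987', s.password_hash) = 1
       OR PWDCOMPARE(N'@fg125kjnhn987.', s.password_hash) = 1);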
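
A broader read-only audit in the same spirit, as an added example that is not part of the original post. It goes beyond the single check above: it finds the backdoor name regardless of its current password, flags enabled SQL logins with the kind of weak password the brute-force attacks rely on, and lists sysadmin members newest first. The weak-password list is a constructed sample and is an assumption of this example.

```sql
-- Added example, not from the original post. Read-only; run as a sysadmin.
SET NOCOUNT ON;

-- 1. Any server principal named 'Default', whatever its password is now.
SELECT p.name, p.type_desc, p.is_disabled, p.create_date, p.modify_date
FROM sys.server_principals AS p
WHERE p.name = N'Default';

-- 2. Enabled SQL logins with a blank password, a password equal to the
--    login name, or a password on a short weak list. The list is a
--    constructed sample; substitute your own banned-password list.
DECLARE @weak TABLE (pwd nvarchar(128) NOT NULL);
INSERT INTO @weak (pwd)
VALUES (N''), (N'sa'), (N'admin'), (N'password'), (N'Password1'), (N'123456');

SELECT l.name, l.is_policy_checked, l.is_expiration_checked, l.create_date,
       CASE WHEN PWDCOMPARE(l.name, l.password_hash) = 1
            THEN 'password equals login name'
            ELSE 'blank or listed weak password'
       END AS finding
FROM sys.sql_logins AS l
WHERE l.is_disabled = 0
  AND (PWDCOMPARE(l.name, l.password_hash) = 1
       OR EXISTS (SELECT 1
                  FROM @weak AS w
                  WHERE PWDCOMPARE(w.pwd, l.password_hash) = 1));

-- 3. Enabled SQL logins that are exempt from the Windows password policy,
--    so nothing stops them from being given a weak password later.
SELECT l.name, l.create_date, l.modify_date
FROM sys.sql_logins AS l
WHERE l.is_disabled = 0
  AND l.is_policy_checked = 0;

-- 4. Members of sysadmin, newest first, to spot accounts added recently.
SELECT m.name, m.type_desc, m.is_disabled, m.create_date
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r
  ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m
  ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.create_date DESC;
```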

See this link for guidance on removal: