Welcome to a new year, and a new look at what I’ve learned in my time as a beginner and junior DBA.
So, I’ve been in this DBA gig for just over 1.5 years, and it’s been quite a fun and interesting ride. Many readers have read my Ironic DBA Files posts where I regularly talked about what I was learning as a new DBA, and then my four-part series on reviewing my first full year. If you haven’t read them, you can go back and see everything I’ve written so far.
One of the things I mentioned in my four-part series was how I had begun working daily in Production, checking out some of our client’s servers on a daily basis. I shared a super-basic overview of what I looked for each day, and how I reported my findings to Kevin and/or our clients.
I thought 2021 was a great time to revisit these ideas in greater detail. There may be accidental or junior DBAs out there who could benefit from seeing how I go about my daily tasks, so I whipped up a series of posts to share the basics of performing server reviews. Along the way, Kevin will chime in with separate comments and posts using his 20+ years of knowledge and experience to take us to a deeper level in some of these issues.
Welcome to the party. Let’s get started.
Keep in mind during these first two posts—and likely many others—that the specifics of your environment will vary depending upon your personal workflow and the policies/procedures of your employer. Some of you are working from home like me, and will find a lot of what I’m sharing practical to implement, while others who are working in an office environment may need to alter what you read to fit your specific environment.
To get started performing server reviews, you’ll need to get five basic sets of tools set up in your environment:
- Password management software
- VPN clients
- RDP clients and Jumpboxes
- SQL Server Management Studio (SSMS)
- Script library
This week we’ll take a closer look at the first two: password management and VPN clients.
Again, depending upon the requirements of your employer and/or circumstances, what you use to accomplish some things will vary. For instance, here at Dallas DBAs we use KeePass for our password management. Simply put, it does everything we need it to do flawlessly and allows us to share credential files with one another (when clients approve this). As long as we know the master password, we’re ready to connect to any client at any time.
Whatever you do, get something to manage your login credentials. Don’t try to memorize all your different passwords—that’s actually less secure than using a password manager.
If you work in an office environment, you may not need to use a VPN since it’s likely your local machine is connected to the same network as your servers, but this isn’t always the case. Sure, it’s probably a fair bet that anyone who’s been working in any sort of IT for any amount of time has used a VPN, so I’m not going to go into a lot of detail. My main purpose here is to simply share some of our experiences.
First up, if you have to opportunity to be a consultant, you’re going to run into half a dozen or more VPN clients, and you’ll need to learn the quirks of each one. Some of the VPNs we see most often include Cisco AnyConnect, Citrix Workspace and Citrix Storefront, Pulse Secure, Barracuda Network Access Client, and SecureLink. You’ll have to learn how to deal with and troubleshoot each one you use.
For instance, there’s a 50/50 chance that any given Citrix update will take away my ability to copy/paste directly out of a VPN window into a local text document. Thankfully, there’s a way to fix this, but I had to put on my search engine hat to find it—and sometimes this fix doesn’t work when Citrix pushes out a new update. No, it’s not hard, but it means I can’t just be a lazy DBA.
We also run into connection quirks with VPNs. Sometimes we’ve found ourselves unable to connect to a VPN if another VPN’s software is still running in the background. Pulse often had trouble connecting unless we killed off both Cisco and Citrix clients—even though they were not actively connected. Kevin had an issue for a while where he could not send or receive email while connected to a particular VPN client. A frustrating limitation when you’re trying to troubleshoot a problem while communicating with a client.
One odd quirk I have with the Barracuda client is that I have to unplug my ethernet cable to make a connection—the client only works over wifi. It took several minutes of troubleshooting the first time I used this client to get going. Now, when I have VPN client trouble, one of the first things I try is unplugging my ethernet.
Lastly, Kevin and I sometimes have to use shared VPN login credentials (not optimal!), and we’ve learned that there can be trouble connecting to a VPN if the other user was recently connected. We’re not absolutely sure of the cause, but we suspect that it has something to do with IP addresses since we live in different locations. The VPN seems to possibly reject an IP address if the other user had been connected (again, when clients give us a shared account to use). It can sometimes take several attempts and computer restarts before the VPN will accept a new connection.
Come back next week and we’ll cover RDP client issues, VM environments, and script libraries.