Wednesday, 2 June 2021

Recover Deleted Azure Database using LTR backups


I have had many queries in past where there was scenario where PROD Azure DB has to be restored which mean a new DB is created in Azure DB and users were not sure if they will loose the LTR backups of the old databases if deleted and kept paying for an unused DB.

Most of the confusion comes when you delete the database in Azure option to access LTR backups of the deleted DB though portal goes away which makes the users think the backups are also deleted permanently. This is not true even though you have deleted the DB the LTR backups are always retained according to your retention policy. It is only not accessible though Poral, You can use Powershell or AzureCLI to access it.

use the below Powershell it will return all the LTR backups on your location,

Get-AzSqlDatabaseLongTermRetentionBackup -Location <yourAzDClocation>



You can use the filer at SQL instance level, DB level and Resource group level too. So don't be afraid of losing your LTR backup when you delete the DB.

But PiTR backups is a different story, by default the backup can be recovered within 7 days(unless you have set PiTR backups to one day) from deleted DB folder in portal or using Powershell ( https://docs.microsoft.com/en-us/azure/azure-sql/database/recovery-using-backups#deleted-database-restore ) After which you will loose the DB if there are not LTR backups so be careful before deleting Azure databases with no LTR backups.

Wednesday, 30 December 2020

Powershell - Set Azure SQL Firewall for all Azure SQL Service Tag IP in a Region

 With one of my client we had to create a external data source between 2 Azure DB's but we were not happy to set Allow Azure services option to enable connectivity for 2 Azure DB's and open up Firewall to DB from all Azure resources so we went through the option of setting Allow Azure Services Off and whitelisting SQL ServiceTag IP's for Azure region where our DB's were hosted, Below is the script i created to accomplish the task and WestEurope is the region I used...


Monday, 15 June 2020

Restore Azure SQL Database to different subscription without bacpac

Have you ever faced a scenario doing bacpac for a large database in order to move to another subscription, and waiting endlessly for this process to complete and thought why are't we able to just restore AzSQL Database. Well actually we can and it is well documented in Microsoft too under (Copy a transactionally consistent copy of a database in Azure SQL Database ) the problem is it is not under restore section so on basic google search it becomes bit tricky as the default bacpac option is the one you are going to see.

Summarising the process in the link, you can do this only using SSMS and not through Portal,You have to use a login that has the same name and password as the database owner of the source database on the source server. The login on the target server must also be a member of the dbmanager role, or be the server administrator login. Then execyte the below TSQL(Server name will be just the AZSQL Server name without database.windows.net


-- Execute on the master database of the target server (server2) to start copying from Server1 to Server2
CREATE DATABASE Database2 AS COPY OF server1.Database1;

Hope the article helps!

Tuesday, 17 December 2019

Last login date Power BI

Recently one of my client came up with a requirement of finding out the last login date of a Power BI user and wanted it scheduled as report, The details can be found in Power BI audit log or Azure AD user sign in info. I used the AzureADPreview Module cmdlets in PowerShell to get the required details

Friday, 11 October 2019

PowerShell - Audit / Extract Workspace User Access in Power BI

As part of security exercise I was asked extract all the users and their permissions in ouer Power BI environment, With introduction of PowerShell Module of Power BI and REST API's for Power BI auditing has become as easy as ever using PowerShell and API's.

In order to run the below Powershell script you first need to install MicrosoftPowerBIMgmt module in your powershell environment.

Copyright © 2019 Vinoth N Manoharan.The information provided in this post is provided "as is" with no implied warranties or guarantees.

Thursday, 29 August 2019

PowerShell - Create a new Credential in Credential Manager - Interactive

Powershell create a credential in credential manager, The script interactively gets the Username and password and creates a Credential in Credential Manager,


Copyright © 2019 Vinoth N Manoharan.The information provided in this post is provided "as is" with no implied warranties or guarantees.

Monday, 10 June 2019

Configure SQL Azure Auto-Failover Group - Azure Portal

In addition to the Geo-Replication feature that Azure has Microsoft has built in an additional awesome feature call Auto-Failover Group to failover Group of Azure databases and all database in Managed Instance, the more import feature is that the endpoint for the primary and the secondary endpoint remains the same, I would not go into more details you can find more details on
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auto-failover-group 

Let see how it can be configured via Azure Portal,

My environment,

Primary SQL Instance - td-sqltestinstance
Region - UK West
Database Name - AdventureWorks2017

Secondary SQL Instance - td-sqlinstance-dr
Region - UK South


I am going to create a geo-replication first between the primary and the secondary server and allow geo-replication link to be inherited by the failover group.



I am adding UK South as my secondary server location and keeping the secondary Replica as a readable copy as below,


In the below Pic you can see my secondary read-only replica has been added, Primary Server can be used for all RW functions and Secondary read-only replica can be used for all reports.


Now lets move on and create a Failover Group for these 2 databases, on the settings of primary server td-sqltestinstance select Failover Groups and Add a Group


I am going name my Failover group as 'td-sqltestinstace-fo' this failover groups name acts like cluster virtual name / AG Listener Name so we do not need to change the server name setting in the application on failover. Select the database(s) which needs to be in the failover group.



The below pic shows the failover group has been created and the databse added to the failover group, Another important point is to note the RW Listener endpoint and Read-only Listener Endpoint. These 2 name will remain constant even in failover so the application need not change anything in case of failover this is a significant improvement from geo-replication where we have to change the servernames in case of failover.






Now that we have created the Failover group, Let us try manually failing over manually,



As you can see below, UK South has now become primary and UK west is now secondary read only replica but the Listener endpoints remains the same.

Hope the above article help, I am also sharing the Microsoft link for various topologies we can use with the Failover groups its worth a read before designing your DR solution.

https://docs.microsoft.com/en-us/azure/sql-database/sql-database-designing-cloud-solutions-for-disaster-recovery