Counter of Festivals

Ashok Blog for SQL Learners and Beginners and Experts

Tuesday 4 December 2018

Configure firewall rules before running the TSQL Debugger

Configure firewall rules before running the TSQL Debugger

Windows Firewall rules must be configured to enable Transact-SQL debugging when connected to an instance of the Database Engine that is running on a different computer than the Database Engine Query Editor.

Configuring the Transact-SQL Debugger

The Transact-SQL debugger includes both server-side and client-side components. The server-side debugger components are installed with each instance of the Database Engine from SQL Server 2005 (9.x) Service Pack 2 (SP2) or later. The client-side debugger components are included:
  • When you install the client-side tools from SQL Server 2008 or later.
  • When you install Microsoft Visual Studio 2010 or later.
  • When you install SQL Server Data Tools (SSDT) from the web download.
    There are no configuration requirements to run the Transact-SQL debugger when SQL Server Management Studio or SQL Server Data Tools is running on the same computer as the instance of the SQL Server Database Engine. However, to run the Transact-SQL debugger when connected to a remote instance of the Database Engine, program and port rules in the Windows Firewall must be enabled on both computers. These rules may be created by SQL Server setup. If you get errors attempting to open a remote debugging session, ensure the following firewall rules are defined on your computer.
    Use the Windows Firewall with Advanced Security application to manage the firewall rules. In both Windows 7 and Windows Server 2008 R2, open Control Panel, open Windows Firewall, and select Advanced settings. In Windows Server 2008 R2 you can also open Service Manager, expand Configuration in the left pane, and expand Windows Firewall with Advanced Security.
 Caution
Enabling rules in the Windows Firewall may expose your computer to security threats that the firewall is designed to block. Enabling rules for remote debugging unblocks the ports and programs listed in this topic.

Firewall Rules on the Server

On the computer that is running the instance of the Database Engine, use Windows Firewall with Advanced Security to specify the following information:
  • Add an inbound program rule for sqlservr.exe. You must have a rule for each instance that needs to support remote debugging sessions.
    1. In Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then select New Rule in the action pane.
    2. In the Rule Type dialog, select Program, and then click Next.
    3. In the Program dialog, select This program path: and enter the full path to sqlservr.exe for this instance. By default, sqlservr.exe is installed in C:\Program Files\Microsoft SQL Server\MSSQL13.InstanceName\MSSQL\Binn, where InstanceName is MSSQLSERVER for the default instance, and the instance name for any named instance.
    4. In the Action dialog, select Allow the connection, and click Next.
    5. In the Profile dialog, select any profiles that describe the computer connection environment when you want to open a debugging session with the instance, and click Next.
    6. In the Name dialog, type a name and description for this rule and click Finish.
    7. In the Inbound Rules list, right click the rule you created, and then select Properties in the action pane.
    8. Select the Protocols and Ports tab.
    9. Select TCP in the Protocol type: box, select RPC Dynamic Ports in the Local port: box, click Apply, and then click OK.
  • Add an inbound program rule for svchost.exe to enable DCOM communications from remote debugger sessions.
    1. In Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then select New Rule in the action pane.
    2. In the Rule Type dialog, select Program, and then click Next.
    3. In the Program dialog, select This program path: and enter the full path to svchost.exe. By default, svchost.exe is installed in %systemroot%\System32\svchost.exe.
    4. In the Action dialog, select Allow the connection, and click Next.
    5. In the Profile dialog, select any profiles that describe the computer connection environment when you want to open a debugging session with the instance, and click Next.
    6. In the Name dialog, type a name and description for this rule and click Finish.
    7. In the Inbound Rules list, right click the rule you created, and then select Properties in the action pane.
    8. Select the Protocols and Ports tab.
    9. Select TCP in the Protocol type: box, select RPC Endpoint Mapper in the Local port: box, click Apply, and then click OK.
  • If the domain policy requires network communications to be done through IPsec, you must also add inbound rules opening UDP port 4500 and UDP port 500.

Firewall Rules on the Client

On the computer that is running the Database Engine Query Editor, the SQL Server setup or SQL Server Data Tools setup may have configured the Windows Firewall to allow remote debugging.
If you get errors attempting to open a remote debugging session, you can manually configure the program and port exceptions by using Windows Firewall with Advanced Security to configure firewall rules:
  • Add a program entry for svchost:
    1. In Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then select New Rule in the action pane.
    2. In the Rule Type dialog, select Program, and then click Next.
    3. In the Program dialog, select This program path: and enter the full path to svchost.exe. By default, svchost.exe is installed in %systemroot%\System32\svchost.exe.
    4. In the Action dialog, select Allow the connection, and click Next.
    5. In the Profile dialog, select any profiles that describe the computer connection environment when you want to open a debugging session with the instance, and click Next.
    6. In the Name dialog, type a name and description for this rule and click Finish.
    7. In the Inbound Rules list, right click the rule you created, and then select Properties in the action pane.
    8. Select the Protocols and Ports tab.
    9. Select TCP in the Protocol type: box, select RPC Endpoint Mapper in the Local port: box, click Apply, and then click OK.
  • Add a program entry for the application hosting the Database Engine Query Editor. If you need to open remote debugging sessions from both SQL Server Management Studio and SQL Server Data Tools on the same computer, you must add a program rule for both:
    1. In Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then select New Rule in the action pane.
    2. In the Rule Type dialog, select Program, and then click Next.
    3. In the Program dialog, select This program path: and enter one of these three values.
      • For SQL Server Management Studio, enter the full path to ssms.exe. By default, ssms.exe is installed in C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\Management Studio.
      • For SQL Server Data Tools enter the full path to devenv.exe:
        1. By default, the devenv.exe for Visual Studio 2010 is in C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE.
        2. By default, the devenv.exe for Visual Studio 2012 is in C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE
        3. You can find the path to ssms.exe from the shortcut you use to launch SQL Server Management Studio. You can find the path to devenv.exe from the shortcut you use to launch SQL Server Data Tools. Right click the shortcut and select Properties. The executable and path are listed in the Target box.
    4. In the Action dialog, select Allow the connection, and click Next.
    5. In the Profile dialog, select any profiles that describe the computer connection environment when you want to open a debugging session with the instance, and click Next.
    6. In the Name dialog, type a name and description for this rule and click Finish.
    7. In the Inbound Rules list, right click the rule you created, and then select Properties in the action pane.
    8. Select the Protocols and Ports tab.
    9. Select TCP in the Protocol type: box, select RPC Dynamic Ports in the Local port: box, click Apply, and then click OK.

Requirements for Starting the Debugger

All attempts to start the Transact-SQL debugger must also meet the following requirements:
  • SQL Server Management Studio or SQL Server Data Tools must be running under a Windows account that is a member of the sysadmin fixed server roll.
  • The Database Engine Query Editor window must be connected by using either a Windows Authentication or SQL Server Authentication login that is a member of the sysadmin fixed server role.
  • The Database Engine Query Editor window must be connected to an instance of the Database Engine from SQL Server 2005 (9.x) Service Pack 2 (SP2) or later. You cannot run the debugger when the Query Editor window is connected to an instance that is in single-user mode.
  • The server needs to communicate back to the client via RPC. The account under which SQL Server service is running should have authenticate permissions to the client

Controlling Statement Execution

In the Transact-SQL debugger, you can specify the following options for executing from the current statement in Transact-SQL code:
  • Run to the next breakpoint.
  • Step into the next statement.
    If the next statement invokes a Transact-SQL stored procedure, function, or trigger, the debugger displays a new Query Editor window that contains the code of the module. The window is in debug mode, and execution pauses on the first statement in the module. You can then move through the module code, for example, by setting breakpoints or stepping through the code.
  • Step over the next statement.
    The next statement is executed. However, if the statement invokes a stored procedure, function, or trigger, the module code runs until it finishes, and the results are returned to the calling code. If you are sure there are no errors in a stored procedure, you can step over it. Execution pauses on the statement that follows the call to the stored procedure, function, or trigger.
  • Step out of a stored procedure, function, or trigger.
    Execution pauses on the statement that follows the call to the stored procedure, function, or trigger.
  • Run from the current location to the current location of the pointer, and ignore all breakpoints.
    The following table lists the various ways in which you can control how statements execute in the Transact-SQL debugger.
ActionPerform action:
Run all statements from the current statement to the next breakpointClick Continue on the Debug menu.

Click the Continue button on the Debug toolbar.
Step into the next statement or moduleClick Step Into on the Debug menu.

Click the Step Into button on the Debug toolbar.

Press F11.
Step over the next statement or moduleClick Step Over on the Debug menu.

Click the Step Over button on the Debug toolbar.

Press F10.
Step out of a moduleClick Step Out on the Debug menu.

Click the Step Out button on the Debug toolbar.

Press SHIFT+F11.
Run to the current cursor locationRight-click in the Query Editor window, and then click Run To Cursor.

Press CTRL+F10.

Ref:
https://docs.microsoft.com/en-us/sql/ssms/scripting/configure-firewall-rules-before-running-the-tsql-debugger?view=sql-server-2017
Posted by at 23:10

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)