I have a SSIS package using BIDS 2008 which is for SQL Server 2008 R2.
I was successfully able to deploy the package along with config file on a shared folder on the server . A SQL Agent job is configured to execute the package . It works fine on the DEV. While doing package deployment on the QA environment I noticed that I need to change the server names from the connection strings specified in the config file as well as amend the package .
My worry is the next time I do enhancement to the package I would need to reconfigure package file which is error prone.
Looking for dynamic configuration solution for various environments.
You may create Environment Variables on server and assign value as DEV/QA/UAT/PROD.
Configure your package to read this values so that you don't have to change during deployment.
Example :
%Environment%\MyPackageStore\ProjectName\Package.dtsx
you can fetch value and assign to variable at package level to build a connection string :
If you want to Configure SQL Agent Job, here is the example :
Related
I want to test dynamic connection string in SSIS. Here were the steps that I already performed.
1) Created connection string.
2) Parameterizing connection string
3) Deploy SSIS Package to SSIS Catalog via Project deployment model
4) Setup environment variable in SSIS Catalog
5) Configure SSIS project to reference environment variable
Everything look goods but failed to execute the task.
SSIS Catalog
Project configuration
Error message
I think you should fix the issue with the steps below:
Create a Proxy account with permissions in SSISDB and the permissions needed for the db used in the package.
Create a credential in the SSIS server. The user and password are the same that the proxy account.
Use the proxy account to execute the project.
As per the screenshot, it looks like the package is failing due to login issue. Please check the login with which the package is running and it has correct access to DB Server.
I am trying to set up a new SQL Agent job on a SQL2012 server. At the point of defining the job step type = SSIS package, the sql agent setup crashes and I get the following error:
the type initializer for ‘’ threw an exception. (SQLManagerUI) Additional information: Attempted to read or write protected memory. This is often an indication that other memory is corrupt. (DTEParseMgd)
Other posts suggest that the only workaround is to install SQL2014 or 2016, or return to SQL2008. None of these options are possible for us.
We have to move away from SQL2008 for security reasons. We cannot move to SQL2014 because we use access adp project front ends which need the SQLOLEDB data provider which is obsolete in SQL2014.
Does anyone know if Microsoft have released a service patch for SQL2012 which fixes this issue for good?
That memory error sounds like a server issue, but until you track that down, here's a workaround: set the job step type to "Operating System (CmdExec)", and use DTEXEC, for example:
DTExec /DTS "\<ssisPkgName>" /DECRYPT <pkgPass> /MAXCONCURRENT " -1 " /CHECKPOINTING OFF
Note that if the SSIS package requires 32-BIT execution (true for exporting to Excel, for example), then use the DTEXEC utility in "Program Files (x86)" by fully qualifying it. Example, where the SQL Server application was installed on an "E:" drive, and where SQL Server 2014 is being used:
E:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\DTExec.exe" /DTS "\<ssisPkgName>" /DECRYPT <pkgPass> /MAXCONCURRENT " -1 " /CHECKPOINTING OFF
If your SSIS packages are in the file system (as ".dtsx" files), then replace "/DTS" with "/FILE".
If your SSIS packages were placed in SSISDB (using the "project deployment model", which is available starting with SQL Server 2012, instead of the older "package deployment model"), then replace "/DTS" with "/ISSERVER"
Lastly, consider your job step's "Run as": if your job step's "Run as" was already set to a proxy, then you already made that proxy "active" to the subsystem "SQL Server Integration Services Package". Now, to do command lines like the above, check that proxy's properties, and make sure it is also "active" to the subsystem "Operating system (CmdExec)". (If you're not using a proxy, then you may need to add "Operating system (CmdExec)" for the SQL job agent... but a proxy is better for security: why grant stuff to the agent, that you will only use in specific circumstances?)
(P.S. side benefit: with the above, I find it easier to get logging from the SSIS package.)
I have an SSIS package that has run for months daily with no problem. Suddenly it is failing every day with the error above. No changes to the package or the stored procs it runs have been pushed, to my knowledge, no changes to the database environment have been made including permissions for the service account that owns the job.
This is a SQL Server 2008 package that connects to a SQL server 2008 R2 database. The configuration is through the ssisconfig table and it defines which server to use through an environment variable.
The component in question is using a stored proc. In the proc, all fields are explicitly cast to the same data type of the table the data is being staged too. The proc runs fine by itself. It is a relatively complex proc that has two table variables and a CTE.
I can't run it from my local on prod and dev is not failing. If I open the prod SSIS package while I am set to the environment variable that the job owner uses, I do not get a validation error on this component. ValidateExternalMetadata is set to true for this component. For the entire package though, Delay Validation is set to True. I do get a validation error that would be expected on a task using a variable that is set dynamically in an earlier task. This error, however, is many, many steps later than the step it is currently failing on.
Usually in the past when we have had this sort of unspecific error, I have been easily able to see the problem with the data that caused the sudden failure. But none of the data in the proc result set is even close to being incorrect for the datatypes defined for staging table for that field. None of the required fields are missing data either.
I am out of ideas for what else to look at. If the environment didn't change, the actual code didn't change and the data looks correct, what is left to try?
As I have commented for details error, you can try below link from Microsoft:
Debug SSIS Package while calling from Agent
Some info from link:
Reasons that the package may have failed are as follows:
The user account that is used to run the package under SQL Server Agent differs from the original package author.
The user account does not have the required permissions to make connections or to access resources outside the SSIS package.
The package may not run in the following scenarios:
The current user cannot decrypt secrets from the package. This scenario can occur if the current account or the execution account
differs from the original package author, and the package's
ProtectionLevel property setting does not let the current user
decrypt secrets in the package.
A SQL Server connection that uses integrated security fails because the current user does not have the required permissions.
File access fails because the current user does not have the required permissions to write to the file share that the connection
manager accesses. For example, this scenario can occur with text
log providers that do not use a login and a password. This scenario
can also occur with any task that depends on the file connection
manager, such as a SSIS file system task.
A registry-based SSIS package configuration uses the HKEY_CURRENT_USER registry keys. The HKEY_CURRENT_USER registry keys
are user-specific.
A task or a connection manager requires that the current user account has correct permissions.
Method 1: Use a SQL Server Agent proxy account Create a SQL Server Agent proxy account. This proxy account must use a credential that
lets SQL Server Agent run the job as the account that created the
package or as an account that has the required permissions.
This method works to decrypt secrets and satisfies the key
requirements by user. However, this method may have limited success
because the SSIS package user keys involve the current user and the
current computer. Therefore, if you move the package to another
computer, this method may still fail, even if the job step uses the
correct proxy account.
Method 2: Set the SSIS Package ProtectionLevel property to ServerStorage Change the SSIS Package ProtectionLevel property to
ServerStorage. This setting stores the package in a SQL Server
database and allows for access control through SQL Server database
roles.
Method 3: Set the SSIS Package ProtectionLevel property to EncryptSensitiveWithPassword Change the SSIS Package ProtectionLevel
property to EncryptSensitiveWithPassword. This setting uses a password
for encryption. You can then modify the SQL Server Agent job step
command line to include this password.
Method 4: Use SSIS Package configuration files Use SSIS Package configuration files to store sensitive information, and then store
these configuration files in a secured folder. You can then change the
ProtectionLevel property to DontSaveSensitive so that the package is
not encrypted and does not try to save secrets to the package. When
you run the SSIS package, the required information is loaded from the
configuration file. Make sure that the configuration files are
adequately protected if they contain sensitive information.
Method 5: Create a package template For a long-term resolution, create a package template that uses a protection level that differs
from the default setting. This problem will not occur in future
packages.
Above link will help you through logging and other possible scenarios of failure of your package from SQL Agent. I suspect that your user of Agent has been corrupted. But that is an assumption. You first enable the logging of SSIS by following link :
Enable SSIS Package Logging
Some info from link
To set the logging level for a package by using the Execute Package
dialog box
In SQL Server Management Studio, navigate to the package in Object Explorer.
Right-click the package and select Execute.
Select the Advanced tab in the Execute Package dialog box.
Under Logging level, select the logging level. See the table below for a description of available values.
Complete any other package configurations, then click OK to run the package.
Hope this will help you in the first place. If not please let me know.
I generated a SSIS packed by using the SQL Server export wizard utility.
I extract records from an Oracle 11g database and migrate them to SQL Server 2008 R2.
Since I have many oracle databases (test, production) with the same schema, I would like to reuse the created package also for the other environments. The package would be executed via command line and ideally by changing the source and target connection strings according to the different systems.
Is it possible to use the package .config file in order to change the source and target connection?
If so, which are the "keywords" to ensure that a specific connection strig is used for the proper target database?
When you create a SSIS package using wizard ,select the option Don't save sensitive while saving the package
Once the package is saved ,Log in to integration service expand MSDB and then Maintenance Plan folder where you will find your SSIS package .Right Click on the Package and select Run Package
In the connection Manager tab select your datasources .
Then click on command line option .You will get the entire command to execute your package where you can modify the connection strings which you have selected above .
The command might look like
/DTS "\MSDB\PackageName" /SERVER "ServerName"
/CONNECTION DestinationConnectionOLEDB;"\"Data Source=localhost;
Initial Catalog=DBName;Provider=SQLNCLI10;Integrated Security=SSPI;
Auto Translate=false;\"" /CONNECTION SourceConnectionOLEDB;
"\"Data Source=localhost;Initial Catalog=DBName;Provider=SQLNCLI10;
Integrated Security=SSPI;Auto Translate=false;\""
/CHECKPOINTING OFF /REPORTING V
Now in order to execute the package using command prompt
just add dtexec along with the above command.
Change the connection string to execute for different servers
I have an SSIS package that takes data from a MySQL database and puts it in to a SQL Server table. The connection to MySQL is ADO.net. The package runs fine in BIDS.
I would like to deploy the package to be run as a Job on SQL Server 2008. The MySQL connection requires sensitive data to be either stored within the package or held in some external configuration source. If it is stored within the package it will either by encrypted with a key specific to my windows user profile or must be protected via a password.
I have tried three methods of setting up a SQL Server Agent job to execute this pacakge, and all fail:
Using a Password
I set the ProtectionLevel of the package to EncryptSensitiveWithPassword and supply a password for the package. I then save a copy of the package to the msdb. I can then connect to SSIS and run the package, at which point I am prompted for a password.
When I try to schedule this as a job in SQL Server I am prompted to enter the password by clicking on the Configurations tab of the Job Step Properties and I can see that the /DECRYPT switch has been added to the Command Line tab. The Run As property is set to the SQL Server Agent Service Account, which is mapped to a database login that has sysadmin server role. When I attempt to start this job I get the following error:
Executed as user: DOMAIN\UserROLE. Microsoft (R) SQL Server Execute Package Utility Version 10.0.5500.0 for 64-bit Copyright (C) Microsoft Corp 1984-2005. All rights reserved. Started: 12:31:30 Error: 2012-07-03 12:31:31.20 Code: 0xC00291EC Source: Get Data Execute SQL Task Description: Failed to acquire connection "DATA_SOURCE". Connection may not be configured correctly or you may not have the right permissions on this connection. End Error DTExec: The package execution returned DTSER_FAILURE
It seems that using this method the package password itself is not stored anywhere for the job to access it.
Using an XML configuration file
I then created a copy of the package and set the ProtectionLevel to DontSaveSensitive and I set up a package configuration to store the MySQL credentials in an XML file. I then save this to the msdb and then when I run the package from
Integration Services I can provide a path to the config file, and all is well. However, once again when I set up a job for the package I point to a configuration file on the server but the job fails with the same error. I am wondering whether this is because the SQL Server Agent does not have an associated windows account that would allow it to read from the XML file stored in the file system.
Using a SQL Server table configuration
This time I created a copy of the package and set the ProtectionLevel to ServerStorage. I then created a [SSIS Configurations] table in the target SQL Server database. I modified the entries in this table to contain the password for the MySQL data source. Again, the package runs successfully from Integration Services, but fails with the same error as previously when run from a job. I have checked that the SQL Server Agent is able to read from the [SSIS Configurations] table ok - I set up a standalone job to test this.
Does anyone have any suggestions about what else I should do here?
I am thinking of giving up on SQL Server Agent Jobs for this and going back to having the package scheduled simply by the windows scheduler but thought before throwing in the towel I would try here first.
I am using the method of encrypting the password by setting EncryptSensitiveWithPassword as you discribed above and don't see anything you do wrong. Remember to use option keep protection level of the original package when importing the package with integration services, but it looks like you're doing that, too.
Try setting the role SQLAgentOperatorRole to your SQL Server Agent Service Account, you didn't mention that and i am not sure if you did. This could possibly solve your permission problems. (liked to answer by commenting this, but i lack of permissions here, too :)