Press "Enter" to skip to content

Author: Kevin Feasel

Management Plane and Data Plane Permissions

Published 2026-01-30 by Kevin Feasel

Rebecca Lewis continues a series on cloud data platform security:

My last post ended with a promise to explain the management plane vs. data plane split in practical terms. The short story? There are two separate permission systems — one for managing resources, one for accessing data — and they don’t talk to each other. The good news: you already understand this model. You just don’t recognize it yet.

Click through for the explanation and a simile involving SQL Server’s security model.

Leave a Comment

Automatic Stats Updates and Plan Cache Invalidation

Published 2026-01-30 by Kevin Feasel

Brent Ozar threads the needle:

Normally, when SQL Server updates statistics on an object, it invalidates the cached plans that rely on that statistic as well. That’s why you’ll see recompiles happen after stats updates: SQL Server knows the stats have changed, so it’s a good time to build new execution plans based on the changes in the data.

However, updates to system-created stats don’t necessarily cause plan recompiles.

Read on for the rare situation in which invalidation doesn’t happen.

Also, Brent has me wondering if the lemon popcorn is more sweet/tart (like a lemon bar) or savory (like lemon pepper) and I may have to try both styles.

Leave a Comment

Defining Technical Debt

Published 2026-01-30 by Kevin Feasel

Louis Davdison takes a favorite phrase of many an IT person:

Ah, the term “technical debt.” The implication of it is that you have this wonderful idea, this glorious design, and for time/money reasons, you said “we can’t achieve this.” I am not sure there has ever been a project that didn’t have technical debt. It happens in software, it happens in the real world. You probably have technical debt in your house, and huge companies like Disney make these glorious plans that never quite get finished.

Click through for a link to Louis’s video. As for my own definition of technical debt, I wrote a blog post about it a while back. As of this moment, the only part I might debate myself on is whether “It was a good decision at the time, but times have changed” is really technical debt or if it’s something else. From an ontological perspective, it’s probably a different category of thing. But from the standpoint of a practitioner with a code base or infrastructure as it is, I don’t know that it matters all that much whether we call it “technical debt” or “the ever-changing sands of time ruining all that is great.” Though definitely pull out the latter in a meeting when trying to explain to a PM why you need 40 hours of dev time to rewrite some code.

Leave a Comment

Testing the Performance of Direct Lake vs Import Mode for Semantic Models

Published 2026-01-30 by Kevin Feasel

Gilbert Quevauvilliers performs some testing:

In this blog post I am going to show you how I completed the automated testing and then the results where I am going to compare Direct Lake, Import and DirectQuery and which one appears to be the best.

As always, your testing may very or be different to my tests below.

I would highly recommend that you use the method I have used and apply this testing technique to your data to understand and validate which semantic model would be best for your capacity.

Click through for details on the tests, query durations, and how the three major modes of data loading into Microsoft Fabric semantic models (Import, Direct Lake, Direct Query) fare.

Leave a Comment

The Value of MERGE

Published 2026-01-30 by Kevin Feasel

Erik Darling defends the honor of the MERGE statement:

In this video, I delve into the often maligned `MERGE` statement in SQL Server, defending it against its critics and highlighting its unique benefits. You might be surprised to learn that `MERGE` can actually help catch non-deterministic updates—something a standard `UPDATE` query won’t do. By demonstrating how `MERGE` issues a warning when you attempt a non-deterministic update, I aim to show why this statement deserves more respect in your database toolkit. The video also covers practical solutions for making these updates deterministic using window functions like `ROW_NUMBER()`, ensuring that the data integrity and consistency you expect from SQL Server are maintained. Whether you’re looking to improve query reliability or just want to understand a lesser-used feature better, there’s something here for everyone who deals with complex data operations in SQL Server.

Alongside this, I recommend a post from Hugo Kornelis from a few years ago, looking into pretty much every problem people reported with MERGE and checking to see if it was still and issue and, if so, under what circumstances.

Leave a Comment

How SQL Server Uses the Service Master Key

Published 2026-01-30 by Kevin Feasel

Greg Low provides an explanation:

The Service Master Key (SMK) is one of the most misunderstood security components in SQL Server.

It is frequently described as:

  • The root of all encryption
  • The key that protects everything
  • Something you must back up constantly

Those statements are not entirely wrong – but they are incomplete, and in some cases actively misleading.

It’s important to understand what the Service Master Key actually does, when it matters, when it doesn’t, and why many operational decisions around it are based on myth rather than mechanics.

Read on to learn more about what the key is, what exactly it protects, and some practical guidance around managing it.

Leave a Comment

Working with Headers in Paginated Reports

Published 2026-01-29 by Kevin Feasel

Andy Brownsword just wnats things to line up correctly:

If you’ve tried to get header rows to repeat or scroll as you move through your paginated reports, you may have felt the frustration of getting them working correctly. Whether it’s Reporting Services, Power BI, or Fabric, the flavour doesn’t matter.

The properties on the tablix should provide the functionality, but they’re not reliable. In this post we’ll look at how to achieve the repetition and scrolling behaviour that will work consistently.

Read on to re-experience one of the more annoying pain points around SQL Server Reporting Services and now Power BI paginated reports.

Leave a Comment

SQL Server and January 2026 Patch Tuesday

Published 2026-01-29 by Kevin Feasel

Rebecca Lewis takes a look at a recent security vulnerability:

Microsoft’s January 2026 Patch Tuesday included a security fix for SQL Server: CVE-2026-20803, an elevation of privilege vulnerability with CVSS score 7.2 (Important).

The vulnerability is classified as CWE-306: Missing Authentication for Critical Function. An attacker who already has high-level privileges on the SQL Server instance could exploit this flaw to escalate further — gaining debugging privileges, dumping system memory, and potentially extracting sensitive data or credentials.

Read on for more information about the CVE, what it requires to exploit, and how you can patch SQL Server to prevent it from being an issue. It’s interesting that this only affects SQL Server 2022 and 2025.

Leave a Comment

Deciding Whether to Use Clustering or Availability Groups

Published 2026-01-29 by Kevin Feasel

Brent Ozar has a take:

Sandra Delany (LinkedIn) wrote a well-thought-out blog post called, “Should a SQL Server DBA Know Windows Clustering?” She’s got about 20 years of DBA experience, and she works for Straight Path (a firm I respect) as a consultant. You can probably guess based on her background that yes, she believes you should know how to set up, configure, and troubleshoot Windows clustering. It’s a good post, and you should read it.

But… I don’t agree.

Read on for Brent’s opinion. I do agree that there are companies that don’t need high availability, and that there are plenty of problems you can run into if you don’t understand how it all works. I also think that, if you’re a DBA responsible for maintaining servers, and your company isn’t using any kind of high availability option, it’s important at least to learn how the mechanisms work so that, if HA does become important, you aren’t pushing back because of ignorance in the product.

But on the flip side, where does that rank in importance? It’s probably closer to the middle (or lower) than the top of the list. And I definitely agree that disaster recovery is generally the more important of the two if you can only have one. But even there, we have exceptions in things like stock trading systems or data warehouses, where you can rebuild the system from external sources.

Leave a Comment

Performance Testing Sequential Number Generation

Published 2026-01-29 by Kevin Feasel

Louis Davidson breaks out the stopwatch:

I have read so much lately about how bad it is to use a recursive CTE to do… well pretty much anything. It came up in a discussion about creating sequential number, and not in a positive sort of way.

I wrote about recursive CTEs when they were first added to SQL Server, and have been a fan for doing breadth-first searching of a hierarchy/graph, but never even thought to use one to generate a set of numbers. As I kept hearing how bad it this method was, so I figured, let’s see just how terrible it is. And of course, I needed something to compare to, so I decided to try all of the ways I could think of. So I will generate varying numbers of rows with the following methods:

Read on for the list of competitors and how they did.

Leave a Comment