Skip to main content

Lock Pages in Memory

It is generally recommended that 'lock pages in memory' be enabled for your SQL Servers to prevent the OS paging out SQL Server memory.

how do you do this?

Well, the answer is straight forward...If you have SQL Server Enterprise Edition:

You allocate the service account running SQL Server the 'Lock Pages In Memory' permission.

How Can I Tell if 'Lock Pages in Memory is Enabled?'

Note

I am using Windows 2003 R2 and SQL Server 2008 SP1 for this demo but I have also done this on Windows 2008 R2 and it works just the same way. It is a 64 bit environment.

If you are running SQL Server with the Local System account, I know most of you are not, but for those of you that are, SQL Server will automatically 'lock pages in memory'. Bob Ward has a blog post on this here: (http://blogs.msdn.com/b/psssql/archive/2007/10/18/do-i-have-to-assign-the-lock-privilege-for-local-system.aspx)

If you are using the local system or a domain account with appropriate permissions you will see an entry similar to the following at the start of the SQL Server log:

LockPagesInMemoryIsEnabled

Therefore if you are running SQL Server using a domain account and the domain account does not have the necessary permissions to lock pages in memory then you will not have this message in the log:

LockPagesInMemoryIsNotEnabled

If you do not have 'Lock Pages In Memory' enabled and you would like too enable it then follow these steps:

Logon to the SQL Server in question

Click <Start><Run> and enter 'secpol.msc' in the run box.

In the 'Local Security Policy' window that opens expand <Local Policies> and <User Rights Assignment> in the left hand pane.

LocalSecurityPolicyWindow

In the right hand pain scroll down to the 'lock pages in memory' policy. Right Click, select <Properties> <Add User or Group> and add the domain account that is running the SQL Service and click <OK>

LockPagesInMemory

That's it, you need to restart the SQL Server service for the change to take effect, the next time that SQL Server starts up you should see

LockPagesInMemoryIsEnabled

in the SQL Server log.

Standard Edition

Up until SQL Server 2005 SP3 Cumulative Update Package 4 and SQL Server 2008 SP1 Cumulative Update Package 2 'Lock Pages in Memory' was not supported in SQL Server Standard Edition.

You may find this link helpful

http://support.microsoft.com/kb/970070

as you need to request the CUs from Microsoft. They will then send you a link to download the CU.

These two CUs add the 'lock pages in memory' option for SQL Server Standard edition.

Note you you have to enable trace flag 845 to for standard edition to be able to 'lock pages in memory.'

Virtualisation, SQL Server and Lock Pages

Are you running SQL Server in Virtual Land, well here is something else to to consider care of Mr Denny:

http://itknowledgeexchange.techtarget.com/sql-server/vmware-and-sql-and-lock-pages-in-memory/

Comments

Popular posts from this blog

SQL Server 2012 and Virtual Service Accounts

This post is written by David Postlethwaite
If you are using SQL Server 2012 you will probably have noticed that the default account for the SQL services has changed from that used in previous versions. With SQL 2005 and 2008 the default account for SQL service and SQL Agent service was “NT Authority\System”. This is one the built in accounts on a Windows machine, managed by the machine and selectable from a dedicated dropdown list

The Network Service account was introduced in Windows 2003 as an alternative to using the LocalSystem account, which has full local system privileges on the local machine, a major security concern.
The Network Service has limited local privileges easing these security concerns but when many services on a machine use the Network Service account it becomes harder to track which service is actually accessing resources and performing actions, because all the services are using the one Network Service account.
Also, this account, by default, has sysadmin per…

Always Encrypted

By David Postlethwaite

Always Encrypted is new features in SQL Server 2016 and it is also available in Azure SQL Database. Here you can encrypt columns in a table with a master key and a certificate so that they will appear as encrypted strings to those who don’t have the required certificate installed on their pc.
Once the certificate is installed on the computer then the unencrypted data can then be seen as normal.

The data passes from database to your application as the encrypted value, only the application with the correct certificate can unencrypt the data so it is secure across the wire. This will go some way to resolving the concern of people worried about putting their sensitive data on a shared server in the cloud such as Microsoft Azure and accessing the data across the Internet.

At the time of writing Always Encrypted is only supported with ADO.NET 4.6, JDBC 6.0 and ODBC 13.1 but expect other driver to become available.

The calling application (including SSMS) must also hav…

How to Setup Kerberos Correctly

David was in Copenhagen this weekend delivering his Kerberos talk Taming the Beast: Kerberos for the SQL DBA to SQL Saturday Denmark. I have had a quick chat with him via email since he got back and he said he had a great time. The event was very well attended with 280+ attendees and his talk was well attended.

I think David is planning submitting a few sessions to SQL Saturday events in Europe in the next few months so look out for him there and we'll keep you posted as to his whereabouts when schedules get finalised later in the year.

David has pre-recorded his Kerberos talk. You can watch on you tube and I have also embedded it in this post if you want to see what his kerberos talk  covers...



If we can help you with a SQL Sever problem visit our SQL Server Consulting page or contact us