tempdb looks encrypted, but it shouldn't have been - by Ekrem Önsoy

Status : 

 


3
0
Sign in
to vote
ID 3118734 Comments
Status Active Workarounds
Type Bug Repros 1
Opened 1/13/2017 2:14:30 AM
Access Restriction Public

Description

A Connect item about this topic created by John Bell:
https://connect.microsoft.com/SQLServer/feedback/details/566858/removing-tde-from-tempdb-should-not-require-a-restart

It was closed by design with an understandable explanation. However in my tests, I've found more than it was mentioned in that Connect item.

When TDE is enabled and disabled, SQL Server 2014 SP2 and SQL Server 2016 SP1 yield different results with sys.databases and sys.dm_database_encryption_keys catalog views. SQL Server 2014 SP2 has its own problems and SQL Server 2016 SP1 has its own. The problems are reproducable and I'm sharing the details with this Connect item.
Sign in to post a comment.
Posted by Microsoft on 1/13/2017 at 11:38 PM
Thank you everyone for all your efforts and reporting this bug. We did some initial investigation on this issue and found it to be reporting bug where the DMV column (sys.databases.is_encrypted) doesn't get updated for tempdb. While we will be looking to fix this in upcoming servicing release but it is benign issue which shouldn't impact the performance or resource consumption except for inaccurate reporting.