DTC && SQL Server 2000 Security
Jun 8, 2006
Perhaps someone can answer this question. I was given a document from a Microsoft consultant and setting up a secure SQL Server 2000 server for my company. This document is being used to setup standards for our enterprise implementation of SQL Servers.
In the document, it has a procedure of disabling the MSDTC service stating that, "the DTC can be used by COM+ applications to manage transactions across multiple database servers." But it really doesn't suffieniently state why this is a good security practice. Can anyone out there tell me why this is a good idea.
Background: We use the Standard Edition, and currently have no distributed servers out there, nor do we have replication. A side note, just recently we have been asked to install a replicated server for fail-over capability. Will disabling the DTC service hinder us?
gpl :-)
View 1 Replies
ADVERTISEMENT
Mar 18, 2002
I have what may be an elementary question; any help that anyone can provide would be greatly appreciated.
Assumptions:
1.) Running SQL Server 2000 on Windows 2000
2.) Using only Windows Authentication
3.) Have 2 databases
4.) I have a group of users that I need different
Access to each database.
a.) This group needs only "select" privileges to
the tables and views in "database 1"
b.) This same group needs DBA privileges
(Add, Remove, and modify Tables, Views, etc.)
to "database 2"
What would be the best, most efficient way to accomplish this? These users are currently a members of a Windows group which has only "select" privileges to the tables and views in "database 1".
View 1 Replies
View Related
Feb 17, 2005
Hello all guru's,
How can I tell what security patches I have currently on sql server 2000 and if I am up to date on all the latest security patches?
Thanks in advance.
View 2 Replies
View Related
Jan 16, 2007
Hi
I got a small problem with Sql Server 2000 which is installed on Windows XP.
I installed it long back and it used to work fine but suddenly I got the following problem when trying to open Enterprise Manger
“Error for the SQL Server:
A Connection could not established to (Local)
Reason: SSL Security error Connection Open (SECDoClienthandshake())…”
Tried a couple of things but no luck
Hopeso someone can help me!
Thanxs
Lakshmi
View 2 Replies
View Related
Nov 27, 2006
Hi
I'm going to put my database in setup file that I've been ready before.
My Software could be use from database after installing in every system , but other users won't be able to access to data or structure of database , even with adding of database to SQLServe Enterprise Manager .
How Should I can do about this ?
Tanks very much
View 3 Replies
View Related
Jan 12, 2006
We have experienced an issue with back backup / restore of a database originating from SQL Server 2000 to SQL Server 2003.
We have the following setup:
SQL Server 2000
- DatabaseA
- asdfUser (SQL User)
- asdfUser is (dbowner) of DatabaseA
- DatabaseB
- asdfUser (SQL User)
- asdfUser is (dbowner) of DatabaseB
SQL Server 2005 Standard
-asdfUser is NOT Setup as a user yet.
-We restore DatabaseA and DatabaseB to the SQL Server 2005 Standard. The databases are restored with the security permissions of asdfUser being the DB Owner of DatabaseA and DatabaseB.
-We create a new SQL user named asdfUser on the SQL Server 2005 box. We then try to add the UserMapping of DBOWNER for the DatabaseA and DatabaseB. We receive an error message stating that the asdfUser already have permissions to the databases. We proceed with the user creation without those permissions.
-We proceed to the login properties of the asdfuser and view their UserMappings. The asdfUser does not have access to DatabaseA or DatabaseB. We then add the UserMapping of DBOWNER to both DatabaseA and DatabaseB. We Try to select OK and we receive an error message that states that the user already has those permissions.
-When we query the UserID's of the asdfUser that is in the database and the UserID of the asdfUser that is created, they are two different values.
I assume this is a bug... any word on a fix?
View 1 Replies
View Related
Feb 12, 2002
We're moving several Version 7 databases to a SQL Server
2000 box.
How can I grant SQL Server 2000 security for three
"Named Instances"?
Thanks
Benny
View 1 Replies
View Related
Nov 20, 2007
i was trying to install sql server 2000 enterprise edition on win 2003 with SP1. i got stuck with this error sayinbg;"the driver software you are installing has not been properly signed with Autheticode(TM) technology. therefore windows cannot tell if the software has been modified since it was published. the publisher's identity cannot be verified because of a problem,
The installed INF file does not contain digital signature infromation"
Do you still want to install this driver software?
No matter what i click, either yes or no, it takes me nowhere. i googled it everywhere still could not find a solution. please let me know if you guys got any idea.
View 4 Replies
View Related
Jun 27, 2001
Hi
I want to setup a secure SSL connection between two MS SQL Server, over the Internet.
Can anyone please guide me in the right direction?
Thanks
View 2 Replies
View Related
Nov 8, 2007
First off is it possible to limit access to one specific table within a SQL 2000 database? If so could someone point me in the correct direction on doing this?
Thanks,
Terry
View 2 Replies
View Related
Oct 20, 2004
OK, we have a couple of MS SQL 2000 servers running in a Win2k AD domain.
Both machines are using mixed mode security, the issue appears to be this.
If I go into AD and change a groups name that has been granted access to
the SQL server, it doesn't seem to pick up on the name change.
I also can't add the new name to the SQL server, because of a conflict of a
SID.
So how do I get the MS SQL server to refresh the names of the native NT
groups that have been granted access, then have the names changed ??
View 3 Replies
View Related
Jul 23, 2005
Hi , I am trying to connect to MS Sql server 2000 from Java (1.4.2 /1.5 ). I installed my Sql Server(8.00.382) from the one supplied withVS.NET 2001. When I installed it on my laptop it did not ask me for auser name and password. After install when I re-started my machine Isee the server started up with a green light. Now when I connect to theserver from VS.NET it works fine. This is because VS uses windowsintegrated security. I now need to connect using Java , so I downloadedthe microsoft drivers for SQL2000-JDBC sp3 from the microsoft site. Iadded the jar files to my Java project classpath. I manage to registerthe driver in java :Class dbClass = ClassLoader.getSystemClassLoader().loadClass("com.microsoft.jdbc.sqlserver.SQLServerDriver");DriverManager.registerDriver((Driver) dbClass.newInstance() );Connection conn =DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost:1433;_integrated security=SSPI");but cannot seem to get a connection as it gives an SQLException sayingthat it is unable to connect:java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Errorestablishing socket.I cant seem to figure it out.Can some one help ??I am a newbie to sqlserver so couldnt quite figure out how to changeadmin password or create a new user with the tools provided with thisversion of sql (SQL Server Desktop Engine).Any help will be appreciated.Ebby
View 3 Replies
View Related
Sep 8, 2006
Hi all,
I have setup a new SQL 2000 SP4 and internal auditor query about revoke permission from Public role and remove guest from all databases.
1. Can I revoke all default permissions (select on system tables in all DBs) from "Public" role? I am concern any error after such action.
2. I found that guest account in DB -- master, tempdb and msdb. According to Microsoft documents. The account should not remove and can't from master and tempdb. How about msdb?
Thanks,
Regards,
Edwin
View 7 Replies
View Related
Jun 19, 2000
Hi:
Can anybody tell me the advantage and disadvantage to use NT security for SQL Server 7.0? For a corporation with 400 users, what is your recommendation for the SQL Server security management. Thanks.
Joan
View 1 Replies
View Related
Dec 4, 2014
I use from sql server 2008. and c#
what is the best connectionstring?
I don't know if i use Persist Security Info and Integrated Security or not?
And if yes then their value must be true or false?
View 1 Replies
View Related
Oct 14, 2005
Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.
View 9 Replies
View Related
Jul 31, 2007
Hi,
I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.
The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says:
Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.
For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;
in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.
My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?
The article also says:
"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."
So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.
I can only get one result at a time but not both:
either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.
Your help is highly appreciated!
Desperate developer
View 1 Replies
View Related
Apr 26, 2007
hi i want to know what is the differance between
Persist Security Info=False;Integrated Security=Yes;
View 1 Replies
View Related
Feb 24, 2005
Hello, i have a question that the sql server 2000 is install in window 2000 server. If i want to update to window 2003. Is that any problem in sql server 2000. I am worry about whether we will have problem after update. What i need to do? Many thanks.
View 5 Replies
View Related
Oct 18, 2015
Is there any possibility to schedule SQL job execution as Windows Security Group? I need to run powershell script through SQL job with one of this group member's permissions.Â
View 4 Replies
View Related
Jul 6, 2007
I have Sql Server Express installed on Vista (service pack 2)
I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.
The login ID of the service is added to the database.
The database has remote access turned on.
The ID is granted access to all databases within the server.
The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.
The dataserver is set with using Windows Authentication for security.
When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.
How to I get past this? I've done everything right.
View 1 Replies
View Related
Jun 18, 2007
I want to use an Active Directory security group that is a Distribution List for a new role assignment for an existing report. Can someone tell me if this is possible? I get an error each time I try:
The user or group name <DLName> is not recognized. (rsUnknownUserName)"
View 1 Replies
View Related
May 14, 2008
Hi folks,
I have created an EndPoint in SQL Server 2005 as per the code below.
CREATE ENDPOINT OSTC_LMS_Endpoint
AUTHORIZATION LMSEndPointUsers
STATE = STARTED
AS HTTP(
PATH = '/ostc_sql_endpoint',
AUTHENTICATION = (BASIC),
PORTS = (SSL),
SITE = 'OSTC-DEV-001'
)
FOR SOAP (
WEBMETHOD 'ostc_SQLSoapTester'
(name='OSTC_LMS_06.dbo.ostc_SQLSoapTester',
FORMAT = ROWSETS_ONLY,
SCHEMA=STANDARD),
WSDL = DEFAULT,
LOGIN_TYPE = MIXED,
SCHEMA = STANDARD,
DATABASE = 'OSTC_LMS_06',
NAMESPACE = 'http://tempUri.org/'
)
GO
USE master
GRANT CONNECT ON ENDPOINT::OSTC_LMS_Endpoint
TO [LMSEndPointUsers]
GO
USE master
GRANT CONNECT ON ENDPOINT::OSTC_LMS_Endpoint
TO [ostc-dev-001endPointUsers]
GO
-----------------------------------------------------------------------------------------------------------------
The SPROC being exposed as the webmethod: -
USE OSTC_LMS_06
IF EXISTS (SELECT name FROM sysobjects
WHERE name = 'ostc_SQLSoapTester' AND type = 'P')
DROP PROCEDURE ostc_SQLSoapTester
GO
CREATE PROCEDURE ostc_SQLSoapTester
@UsersId char(12)
AS
SET NOCOUNT ON
SELECT FIRST_NAME,FAMILY_NAME
FROM USERS
WHERE USERS_ID = @UsersId
GO
USE OSTC_LMS_06
GRANT EXECUTE ON ostc_SQLSoapTester
TO LMSEndPointUsers
GO
USE OSTC_LMS_06
GRANT EXECUTE ON ostc_SQLSoapTester
TO [ostc-dev-001endPointUsers]
GO
----------------------------------------------------------------------------------------------------------------
The computer in question is our dev server and is running as a workgroup machine with the following: -
Win Server 2003
SQL Server 2005
.net Framework 2.0
No firewalls or Proxies are in the way.
The computer has to be as a workgroup machine to reflect our live server.
The user LMSEndPointUsers is a SQL Server Login
The user ostc-dev-001endPointUsers is a machine login
We have employed the Security class as per the information given in the SQL Server documentation with the intention of using the WS-Security headers that apparently are to be used when trying to authenticate using a SQL Server login.
----------------------------------------------------------------------------------------------------------------
Code used to connect and try and reciev the dataset.
string sUserName = "userName";
string sPassword = "Password";
LMS_Endpoint.OSTC_LMS_Endpoint wsSQLTester = new LMS_Endpoint.OSTC_LMS_Endpoint();
SqlSoapHeader.Security sqlSec = new SqlSoapHeader.Security();
sqlSec.Username = sUserName;
sqlSec.Password = sPassword;
XmlWriter writer = XmlWriter.Create("Security.xml");
writer.WriteStartElement("security");
sqlSec.WriteXml(writer);
wsSQLTester.sqlSecurity = sqlSec;
DataSet dsMySet = wsSQLTester.ostc_SQLSoapTester("RH6915145507");
Basically authorization is denied 401.
Hope someone can help here as have tearing my hair out.
Thanks in advance
View 2 Replies
View Related
Aug 7, 2001
My SQL 7.0 server is currently querying the SAM database on the PDC for Windows NT authentication. How can I force it to use the SAM database on the server(BDC) that I specify?
View 1 Replies
View Related
Dec 8, 2013
Here is my Problem:
1. I have sql 2008 R2 running on my LocalHost.
2. Created Data Base [Customer].
3. Created Linked Server [CUSTOMERLINK] USING Microsoft Jet 4.0 to link to Drive F:Data which has DBF files in it.
4. Create dbo.Customer_Upload Table.
5. INSERT INTO [Customer].[dbo].[Customer_UpLoad]
([Name],[Email])
SELECT
NAME,EMAIL
FROM [CUSTOMERLINK]...[CUS]
All this works fine. I can even put it in to an After Insert Trigger on another table and it works.
My problem is that I need this to work in a scheduled job.
F:Data is just a folder with files in it.
This info is from a Restaurant POS system and I need to update it every night.
I have tried every which way to to setup the security issue as there isn't any login security on the folder and SqlServerAgent wants security.
View 4 Replies
View Related
May 14, 2015
If we have a "pool" SQL login, a one that uses SQL Server authentication, and this login is used by different domain account to access SQL Server, is there a way to audit which domain account used that "pool" login to do something on a object in SQL Server? I have to keep this way of accessing SQL Server, so how to create a login for every domain account accesses SQL Server
View 7 Replies
View Related
Feb 28, 2008
Hi All,
I would like to know, how the datetime will be stored in the sqlserver datetime column.
Because some time i am giving the date in dd/mm/yyyy and sometime mm/dd/yyyy.
while give the date in mm/dd/yyyy works fine but not in the another case. and also while i execute a query on query analyser it shows the datetime in
yyyy/mm/dd format.
So anyone can please tell me how the dates will be stored in the datetime column of sqlserver database?
Thanks in Advance.
Regards,
Dhanasekaran. G
View 2 Replies
View Related
Sep 14, 2004
I am currently running SQL Server 2000 Standard on my production system, and I am looking to upgrade the system to Windows 2000 Adv. Server. I would also like to upgrade SQL Server 2000 Standard to SQL Server 2000 Enterprise to utilize more than 2GB of memory. Can anyone tell me what is the best way to upgrade the system, and please provide some feedback on your experiences with the upgrade. Thanks in advance.
View 2 Replies
View Related
Jul 20, 2005
We are experiencing a problem with Sql Server 2000 linking to anAccess 97 file. We have two machines that link to this .mdb file, andwe recently upgraded one to newer hardware, SP3a, MDAC 2.8, etc. Thelink on this upgraded machine no longer works, giving this message:Server: Msg 7399, Level 16, State 1, Line 1OLE DB provider 'Microsoft.Jet.OLEDB.4.0' reported an error.[OLE/DB provider returned message: Cannot open a database created witha previous version of your application.]OLE DB error trace [OLE/DB Provider 'Microsoft.Jet.OLEDB.4.0'IDBInitialize::Initialize returned 0x80004005: ].The link on the older machine still works. We decided to tryconverting a copy of the file to Access 2000 to see if the newerpatches/drivers/whatever no longer supported 97. We set up a link onboth machines to this file, and they both work. However, on theupgraded machine, the following error is receievedServer: Msg 7399, Level 16, State 1, Line 1OLE DB provider 'Microsoft.Jet.OLEDB.4.0' reported an error.[OLE/DB provider returned message: System resource exceeded.]OLE DB error trace [OLE/DB Provider 'Microsoft.Jet.OLEDB.4.0'ICommandText::Execute returned 0x80004005: ].when making 1-3 connections to the the linked server, while the oldermachine supports at least 7 simultaneous queries connecting to thelinked server and still hasn't produced that error.Does anyone have any idea if there is a known issue with linking toAccess 97/2000 files under MDAC 2.8, Jet 4.0, etc? Any light anyonecan shine on this subject would be greatly appreciated.
View 1 Replies
View Related
Jul 20, 2005
What is the limitation of memory that SQL Server 2000 Standard can usewhen running on a Windows 2000 Advanced Server platform?
View 1 Replies
View Related
Sep 15, 2006
Hi, I need to know if somebody knows like making the update of Standard SQL 2000 to Enterprise. Greetings.
View 3 Replies
View Related
Jul 20, 2005
Is there anybody out there with a MS SQL 2K Security Baseline orSecurity Checklist. Where can I get one????Thanks in advanceDavid
View 1 Replies
View Related
Feb 28, 2008
Hi;
I am looking for a way to log all security related events for SQL in Windows Security Log. I am trying to use SCOM for monitoring SQL and I am looking at ways to generate alerts in my SCOM Console for specific events in SQL e.g. A table is deleted, user is modified, deleted, etc. Is this possible and if yes how do I achieve the same?
Rgds;
View 6 Replies
View Related