I am trying to lookup a dialog from conversation_endpoints, however if a dialog was created with the encryption setting to ON and thereis no master Key in the database then the record put in the conversation_endpoints is the same as one without encryption.
How can I distinguish between the one requested with no ecryption and requested with encryption but setup with none due to the lack of a key?
I need to start encrypting several fields in a database and have been doing some testing with a test database first. I've run into problems when attempting to restore the database on either the same server (but different database) or to a separate server.
First, here's how i created the symmetric key and encrypted data in the original database:
create master key
encryption by password = 'testAppleA3';
create certificate test
with subject = 'test certificate',
EXPIRY_DATE = '1/1/2010';
create symmetric key sk_Test
with algorithm = triple_des
encryption by certificate test;
open symmetric key sk_Test decryption by certificate test;
insert into employees values (101,'Jane Doe',encryptbykey(key_guid('sk_Test'),'$200000'));
insert into employees values(102,'Bob Jones',encryptbykey(key_guid('sk_Test'),'$500000'));
select * from employees
--delete from employees
select id,name,cast(decryptbykey(salary) as varchar(10)) as salary from employees
close all symmetric keys
Next I backup up this test database and restore it to a new database on a different server (same issue if restore to different database but on same server).
Then if i attempt to open the key in the new database and decrypt:
open symmetric key sk_Test decryption by certificate test;
I get the error: An error occurred during decryption.
Ok, well not unexpected, so reading the forums, i try doing the below first in the new database:
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
Then I try opening the key again and get the error again:
An error occurred during decryption.
So then it occurs to me, maybe i need to drop and recreate it so i do
drop symmetric key sk_test
then
create symmetric key sk_Test
with algorithm = triple_des
encryption by certificate test;
and then try to open it.
Same error!
So then i decide, let's drop everything, the master key, the certificate and then symmetric key:
drop symmetric key sk_test
drop certificate test
drop master key
Then recreate the master key:
create master key
encryption by password = 'testAppleA3';
Restore the certificate from a backup i had made to a file:
CREATE CERTIFICATE test
FROM FILE = 'c:storedcertsencryptiontestcert'
Recreate the symmetric key again:
create symmetric key sk_Test
with algorithm = triple_des
encryption by certificate test;
And now open the key only to get the error:
Cannot decrypt or encrypt using the specified certificate, either because it has no private key or because the password provided for the private key is incorrect.
So what am I doing wrong here? In this scenario I would appear to have lost all access to decrypt the data in the database despite restoring from a backup which restored the symmetric key and certificate and i obviously know the password for the master key.
I also tried running the command
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY
again but this does not resolve the issue.
Thx.
At this point in time, I can think of nothing more annoying than a button that doesn't work. Especially when that button is the HELP button.
Inside SSIS designer, say I add a "derived column tool" to the data flow task. Now if I double-click on the "derived column tool", and then click on the help button in the dialog box that appears, NO help is displayed. What gives?
I am using 64 bit editions of win2k3 and ss05.
Hi,when i try to see the properties of database "sales" (sql server express 2005) in Management Studio Express, i get this error message: (besides, when i try to expand the database, i get the error that it's emty)Cannot show requested dialog.ADDITIONAL INFORMATION:Cannot show requested dialog. (Microsoft.SqlServer.Express.SqlMgmt)------------------------------An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.Express.ConnectionInfo)------------------------------The server principal "Myserveradmin" is not able to access the database "sales" under the current security context. (Microsoft SQL Server, Error: 916)But the webapplication still runs: i can insert records, update, delete ... from asp.net.Any way to recover it?ThanksTartuffe
View 4 Replies View RelatedWhen I start SQL Server Management Studio (Sql 2005), a blank dialog box pops up with nothing in it. The title in the dialog box is "Microsoft SQL Server Management Studio" and it has a yellow triangle with an explanation point in it but there is no message just an OK button. I have to click the OK button to continue on to connect to the Sql databases. It does this everytime I open it. Anyone else getting this and how can I get rid of it?
View 2 Replies View RelatedHi,Is it possible to avoid the last used server being in Query Analyzer'Connect to SQL Server' dialog by default(when I click on File/Connectin Query Analyzer) - I don't want to apply 'truncate table' scripts toa production server by mistake!Thanks
View 1 Replies View RelatedHi Remus
Thank you for the email reply.
However i am still not 100% clear, dialog security with certificates when there are hundreds of remote services seems a bit complicated.
I have a few more questions.
1. you said "When sending the first message (any direction), we look up the 'best' certificate for each user"
My inititor sevice is owned by dbo, i have created certificates only for named users not dbo, how would this work?
2. I am going to try settin gup this again, but at the central service i will create a seprate user for each remote service, authorize the remote certificate for this user and use this user in the remote service binding for that remote service, is this correct or am i still doing somehting wrong?
3. How does all of this relate to the endpoint security, i ahve the same scenario, 1 pricipal id with all remote certificates authorized for it for the endpoint? I have no idea how i would have to setup different user for each remote servcie as far as the endpoint goes as there is no remote service binding to dictate which user to use ?
I will keep try and experimenting maybe i will get it right sooner or later.
Thank You
Hi,
I'm trying to get the HelloWorld_CLR project that comes with the SQL 2005 samples download to work, which it seems to. However, after I run the application a few times, an exception indicating "the service queue ClientQueue is disabled." After running the following query I notice the body of the error message is consistently "The dialog has exceeded the specified LIFETIME."
select service_name as [SERVICE],
message_type_name as [TYPE],
CAST(message_body as nvarchar(max)) as BODY
from ClientQueue
I believe that the problem is a poison message causing a RECEIVE statement to get rolled back 5 times, disabling the queue. My question is: How do I troublshoot the issue from this point?
Thanks,
Chris
I created a new SSIS solution, right-clicked the default name "Package.dtsx" (under SSIS Packages), then renamed it. A dialog appears asking "Do you want to rename the package object as well"?
What are they referring to and what are the consequences of doing/not doing so?
Barkingdog
Hi,
SQL2K+SP4
When I load up Query Analyzer and click File -> Open to open up a query
file, the open file dialog is always sorted by - i don't know
alphabetically.
How can I set the default to open up with files ordered alphabetically?
Thanks
Helena
Hello again!
View 6 Replies View RelatedAs above
View 3 Replies View RelatedI am in the process of evaluating the use of Service broker for messaging in a load balanced configuration, and am not having any success. My configuration is as follows. 1) Master database on Box #1 which is the initiator of all dialogs 2) Target database on Box #2 3) Target database on Box #3 One of my goals is that the databases on Box #2 and #3 are as close to identical as possible. My routing table on Box #1 looks something like the following Name remote_service_name broker_instance address TargetOne TargetService
E96DC67E-F696-4D93-8545-C2E92157E32D tcp://server1:4022/ TargetTwo TargetService
56607120-26AA-4AAA-B9E4-F14689C40E41 tcp://server2:4022/ My messaging process begins with a dialog initiated from the master database (Box #1) to each of the target services. At this time, only the first server "tcp://server1:4022/" is receiving messages. The sys.transmission_queue shows a message outbound to "tcp://server2:4022/" with a blank status. I believe that my delivery problem has something to do with the resolution of the dialog certificate need for the conversation. The MSDN documentation states that: "Service Broker uses a remote service binding to locate the certificate to use for a new conversation...The certificate for user_name must correspond to the certificate for a user in the database that hosts the remote service." I am confused as to how I would configure remote service binding if one can not create more than one binding for the same remote_service_name. The following throws an exception on the last creation of the binding.
---CODE SNIP---
CREATE CERTIFICATE UFEDlgCertTargetPublic
has anyone encountered the "microsoft visual studio cannot shut down because a modal dialog is active. close the active dialog and try again." error when shutting down.
i have been getting that every once and awhile, and do not see any open dialog windows that need to be closed, and i end up having to end-task on my visual studio session.
does anyone know what is causing this error and how to avoid it?
thanks a bunch!
-dk
Hi There
I have done the following.
2 Servers across the net work Server A and Server B.
I have created private keys at each and copied to public keys across.
I create an endpoint at each with validation by the certificates. I then create appropriate users and logins at each and import the public certificates with authorization to the users who have send permission on the endpoints.
That is transport security sorted and it works.
Now from what i have learnt from examples, to setup dialog security i do the following.
create a private key in each DB :
create certificate Store001DialogPri
with subject = 'Store001DialogPri',
start_date = '07/20/2006'
active for begin_dialog = on;
go
I then copy the public key to each server, create a user only in each DB and import the public keys with authorization on the user. And grant send to the appropriate servcies to the user.
I then create appropriate remote service bindings with this user.
Now this works for me. Everythign seems A OK.
However i am going thorugh the Service Broker "bible", and there are a ton of steps i am not doing but my setup works ???
Steps i am not doing for example is when i create the private keys in the DB i should authorize them to a user i create who is then gratnted CONTROL permission on the SERVICES.
Now i do not do this but everything seems to be working. I thought i finally understood dialogs security but now i am totally confused ?
Is what i am doing correct ? If so why are these all these additinal steps mentioned ? WHat am i missing ?
Thanx
I'm studying course 2541B (Core Data Access with MVS 2005) and doing the labs.
Unit04 (Performing disconnected operations programmatocally) should show a dialog while running the solution but instead I just get a directorylisting of the /StoreTracker/ directory.
Why does this occur and what can i do about it?
I understand that Dialog Security + certificates can be used to encryption individual dialogs. I have several demos working now that do just this.However, I don't fully understand exactly when the messages are encrypted, and if they are ever written to a queue on the initiating service prior to being encrypted. I want to make sure that admins can't simply query the transmission queues to get clear text messages, because I have strict requirements that I encrypt all personal data that is stored anywhere in a database.
BOL is a little unclear on this topic. The relevant doc reads:For a dialog that uses security, Service Broker encrypts all
messages sent outside a SQL Server instance. Messages that remain within a SQL
Server instance are never encrypted. In dialog security, only the database that
hosts the initiating service and the database that hosts the target service need
to have access to the certificates used for security. That is, an instance that
performs message forwarding is not required to have the capability to decrypt
the messages that the instance forwards.Does this imply that message destined for an external service aren't encrypted until they leave the instance? Or does Service Broker figure out that the message is destined for a remote service and therefore applies encryption to the message_body prior to the message hitting the transmission queue on the initiating service?Many thanks, Kevin
I can't download this fix due to a block on FTM downloads and it is driving me round the bend.
Does anyone know where it is possible to get hold of the fix?
Was this included in SP1 (vs.net)?
when i want to open sql it show me error message and when i try again with ctrl+n it works but not complite! i have both .NET2003 and 2005 in my computer under mssql2005 windows2003EP
Failed to open connection dialog.
------------------------------
ADDITIONAL INFORMATION:
Could not load file or assembly 'SqlMgmt, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies. Strong name validation failed. (Exception from HRESULT: 0x8013141A) (mscorlib)
------------------------------
Strong name validation failed. (Exception from HRESULT: 0x8013141A)
------------------------------
BUTTONS:
OK
------------------------------
Per MSDN instructions I downloaded the folliwng: .NET Framework 2.0, SQL Server 2005, SQL Server Compact 3.5, and Visual Basic Expess Edition. When following the tutorial to create a database, I was never able to see the Local Database template. I am taking the programming lessons in VB, and I am up to Creating Your First Datatbase. It is a requirement that SQL Server Compact 3.5 be installed. Which I have done.
I am working (or trying to work) in Management Studio. I have one database that I use on my one and only machine. ( I am not using any of the default databases.) I have several queries saved as files, which I open as needed. Every time I open a file I get that VERY ANOYING Connect to Database Engine dialog box. OK, it's no big thing. I don't use Server Authentication so all I have to do is hit enter and I get connected. But why should I even have to hit enter once after I'm already connected?
How can I MAKE IT STOP?
Thanks,
Gregory
Hi,
Please give me some idea to persist or set title of modal dialog during postback.
The title of modal dialog is going lost whenever postback happen on modal dialog.
document.title is not working after postback.
Thanks,
Sandeep, India
Hi! I'm wondering why is my sys.conversation_endpoints table inserting a new row for each message i send even when i reuse conversations?
when i send the first message i get the first row in the sys.conversation_endpoints with a uniqueidentifier for the conversation_handle. this uniqueidentifier is then saved in the table which i query the next time i send a message to reuse the dialog conversation.
But even though it looks like the uniqueidentifier is reused i still get a new row for every message i send with a different conversation_handle?
this happens in both target and initator db.
I've tried to understand this by i don't.
Also for the moment i don't end conversations. But as i understand it this shouldn't matter.
Also the message successfully arives to the target and sys.transmission_queue is empty in both databases.
Neither queues have any error messages in them.
Thanx
I already have VS2005 SP1 installed and after installing :
SQLServerCE31-EN.msi
SSCE31SDK-ENU.msi
SSCE31VSTools-ENU.exe
When I create a Smart Device project and and try to add a reference to SQL Server CE only the old version (3.0.3600.0) shows up. How do I get the new one (3.1) to show up?
Hello,
To quote my honorable colleague who posted some time ago in this forum "If i'd had any hair left, I'd pull it all out".
I am trying to run package from an external .NET app. The package is stored in the SQL server MSDB with protection level to 'Rely on sql server'
The package uses an environment variable for the configuration dtsconfig file.
I use manageddts to load the package from the sql server
LoadFromSqlServer
When I launch my app from the visual studio environment (in debug mode) I get this error message window:
Assertion Failed
at STrace.ReadTraceValues()
at STrace..cctor()
at ...
at ManagedHelper.GetNextManagedInfo(DTs_M...
This message window comes several times, one after the other. I have to click ignore to continue.
When i run this program from the command line , it runs without this message.
I've already put my package load in a separate function with debuggerstepthroug, but to no avail.
<System.Diagnostics.DebuggerStepThrough()> _
Private Function LoadPkg(ByRef app As Application, ByVal PackageName As String) As Package
Return app.LoadFromSqlServer(PackageName, m_SSISServername _
, "myname", "mypassw", Nothing)
End Function
Is there anything that can be done to avoid these warnings?
what is the difference between the Dialog security and the transport security?
If I disable the dialog security can the messages be sent to the a different SQL server instance. As the transport security will encrypt the messages.
If I don't create a certificate to be used by the transport security can the messages be sent to another SQL server instance?
Can a message be sent to another SQL Server instance without creating a REMOTE Service Binding?
Is there a way to render the PDF report in the same broswer window you just called it from without the Open/Save dialog box coming up. The report is being call directly by URL parameters for PDF format
View 11 Replies View RelatedHi Remus,
I just started looking into SB about a week ago, so my question is likely to be pretty lame. However, that's not going to stop me from asking it :-)
We're trying to do something similar to what you're describing here. How do you "reset" a dialog timer? Why would you need to deal with resetting timers (or with timers at all for that matter) in the event of a success? Couldn't you rewrite the logic to be as follows?
begin transaction
receive message
if message is web request
save state of request (http address, caller etc)
else if message is retry timer message
load state of request
endif
commit
do the web request (no transaction open)
if success
begin transaction
send back response
end conversation
commit
else
set a retry timer on the dialog (say 1 minute) using BEGIN DIALOG TIMER
endif
Also, when you set the retry timer you have to associate it with the saved request state, right? Otherwise, how will the service know which request to load on receipt of the timer message?
TIA.
www.codeplex.com/slm
Setting up Service Broker routes, endpoints and security is just too hard. One has to run pages and pages of Transact-SQL code just to get the €˜Hello, world€™ example work between two separate SQL Instances and the chances of making a mistake are overwhelming.
Well, not anymore! I€™ve just uploaded into the Service Broker team code gallery a new GUI tool for doing just that: easily configure two services to be able to have conversations. The tool uses the €˜Service Listing€™ concept. A Service Listing is like an identity card for a service. It is an XML document that contains all the necessary information needed to establish a conversation with that service. When two parties need to establish a conversation, they can exchange the Service Listings of the two services and the tool will create the entire infrastructure needed to establish the conversation. Optionally it can also create the message types and contracts supported by a target service in the initiator service database....
I saw a powerpoint slide with a Configure Sync Settings dialog in visual studio. I am unable to find this dialog in visual studio team system. Can someone tell me how to get to this Configure sync settings dialog?
View 4 Replies View Relatedwhen ever I send my message thru Service Broker I am getting an error message like this "
"Dialog security is not available for this conversation because there is no remote service binding for the target service. Create a remote service binding, or specify ENCRYPTION = OFF in the BEGIN DIALOG statement."
This I found in sys.transmission_queue
Please reply with your comments
Hello
I'm trying to use the Merge component. When i attach a datasource to the the component, the Select Input/Output dialog box should popup.. It does, but VS.NET is hanging and i can only shutdown the procesess...
Any idea how i should solve this? how can i re-register this component?
ps. sql 2005 sp1 is installed.
Thanks
Marco
Is there any description on what the Remember Password check box on this dialog box does? As far as I can tell, it doesn't do anything. Every time I open an item from a project, or create a new Query, I get asked for the password, no matter how many times I have given it for the Server before.
It looks so useful, but is frustrating not knowing how to use it.
Thanks,
-Rob