I HAVE CREATED A SECURITY DATABASE USING A NEW WORKGROUP FILE WITH A NEW MDW FILE NAME. THE DATABASE ITSELF CONTAINS SEVERAL GROUPS OF USERS AND SEVERAL USERS. THE DATABASE WORKS AS DESIGNED.
THE PROBLEMS IS IF I OPEN THIS DATABASE USING THE SYSTEM.MDW FILE, THE DATABASE OPENS AND GIVE ME COMPLETE ACCESS TO EVERYTHING.
CAN ANYONE EXPLAIN WHAT IS HAPPENING.
ANY HELP WILL BE APPRECIATED
THANKING YOU IN ADVANCE
JOSEPH FORD
Dear All,Access adp on sql-server 2000After upgrating to A2003 updating data with 1 perticular combobox causes theprogram to hangs without any error-msg.Traying to change te combobox recordsource i get this error:This version of Microsoft Access doesn't support design changes to theversion of Microsoft SQL Server your project is connected to. See theMicrosoft Office Update Web site for the latest information and downloads(on the Help menu, click Office on the Web). Your design changes will not besaved.The solution in :http://support.microsoft.com/defaul...kb;en-us;313298tolks about SP 'dt_verstamp007' but I have SP 'dt_verstamp006'What should I do.Is the failure of the combobox also caused by the absence of dt_verstamp007???Filip
View 2 Replies View Relatedodbc_pconnect() [function.odbc-pconnect]: SQL error: [Microsoft][ODBC Microsoft Access Driver] System resource exceeded., SQL state S1001 in SQLConnect
we got the error with access 2000 database and PHP as prog. language .
we created dsn for the connection.
reboot solves the problem. but we need another solution better than this.
Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.
View 9 Replies View Relatedhello all member
View 14 Replies View RelatedI've just taken over the role of SQL Server DBA for my organization. I've been asked to go over the list of Microsoft patches that will be installed on our SQL Server boxes to see if there are any issues.
As of now, I'm going to Microsoft's site and reading up on the patches. But, they don't have any info on where there are any negative effects on SQL Server or other Microsoft products.
The patches are being installed on test servers and I plan on running a few jobs to test for any issues.
Does anyone know of any other resources I could check?
Thanks,
-jeff
Hi
I downloaded MBSA and ran it against my SQL 2005 Server. It tells me that I have a severe risk because
'The following databases have public access.Remove the public access if it is not required - tempdb , model , msdb , ReportServer , ReportServerTempDB'
I have checked these databases and each have the Guest User but it is disabled. If I check the database properties the public role has no permissions against the listed databases.
Is this a bug with MBSA? If not how do I remove Public Access?
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: SQL Server Remote Data Source Function Contain
Unchecked Buffers
Date: 20 February 2002
Software: Microsoft SQL Server
Impact: Run code of attacker's choice on server
Max Risk: Moderate
Bulletin: MS02-007
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-007.asp.
- ----------------------------------------------------------------------
Issue:
======
One of the features of Structured Query Language (SQL) in
SQL Server 7.0 and 2000 is the ability to connect to remote data
sources. One capability of this feature is the ability to use
"ad hoc" connections to connect to remote data sources without
setting up a linked server for less-often used data-sources. This
is made possible through the use of OLE DB providers, which are
low-level data source providers. This capability is made possible
by invoking the OLE DB provider directly by name in a query to
connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names
in ad hoc connections. A buffer overrun could occur as a result and
could be used to either cause the SQL Server service to fail, or to
cause code to run in the security context of the SQL Server.
SQL Server can be configured to run in various security contexts,
and by default runs as a domain user. The precise privileges the
attacker could gain would depend on the specific security context
that the service runs in.
An attacker could exploit this vulnerability in one of two ways.
They could attempt to load and execute a database query that calls
one of the affected functions. Conversely, if a web-site or other
database front-end were configured to access and process arbitrary
queries, it could be possible for an attacker to provide inputs that
would cause the query to call one of the functions in question
with the appropriate malformed parameters.
Mitigating Factors:
====================
- The effect of exploiting the vulnerability would depend on the
specific configuration of the SQL Server service. SQL Server
can be configured to run in a security context chosen by the
administrator. By default, this context is as a domain user.
If the rule of least privilege has been followed, it would
minimize the amount of damage an attacker could achieve.
- Both vectors for exploiting the vulnerability could be blocked
by following best practices. Specifically, untrusted users
should not be able to load and execute queries of their choice
on a database server. In addition, publicly accessible database
queries should filter all inputs prior to processing.
Risk Rating:
============
- Internet systems: Moderate
- Intranet systems: Moderate
- Client systems: Moderate
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-007.asp
for information on obtaining this patch.
-----BEGIN PGP SIGNED MESSAGE-----
- ----------------------------------------------------------------------
Title: SQL Server Remote Data Source Function Contain
Unchecked Buffers
Date: 20 February 2002
Software: Microsoft SQL Server
Impact: Run code of attacker's choice on server
Max Risk: Moderate
Bulletin: MS02-007
Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS02-007.asp.
- ----------------------------------------------------------------------
Issue:
======
One of the features of Structured Query Language (SQL) in
SQL Server 7.0 and 2000 is the ability to connect to remote data
sources. One capability of this feature is the ability to use
"ad hoc" connections to connect to remote data sources without
setting up a linked server for less-often used data-sources. This
is made possible through the use of OLE DB providers, which are
low-level data source providers. This capability is made possible
by invoking the OLE DB provider directly by name in a query to
connect to the remote data source.
An unchecked buffer exists in the handling of OLE DB provider names
in ad hoc connections. A buffer overrun could occur as a result and
could be used to either cause the SQL Server service to fail, or to
cause code to run in the security context of the SQL Server.
SQL Server can be configured to run in various security contexts,
and by default runs as a domain user. The precise privileges the
attacker could gain would depend on the specific security context
that the service runs in.
An attacker could exploit this vulnerability in one of two ways.
They could attempt to load and execute a database query that calls
one of the affected functions. Conversely, if a web-site or other
database front-end were configured to access and process arbitrary
queries, it could be possible for an attacker to provide inputs that
would cause the query to call one of the functions in question
with the appropriate malformed parameters.
Mitigating Factors:
====================
- The effect of exploiting the vulnerability would depend on the
specific configuration of the SQL Server service. SQL Server
can be configured to run in a security context chosen by the
administrator. By default, this context is as a domain user.
If the rule of least privilege has been followed, it would
minimize the amount of damage an attacker could achieve.
- Both vectors for exploiting the vulnerability could be blocked
by following best practices. Specifically, untrusted users
should not be able to load and execute queries of their choice
on a database server. In addition, publicly accessible database
queries should filter all inputs prior to processing.
Risk Rating:
============
- Internet systems: Moderate
- Intranet systems: Moderate
- Client systems: Moderate
Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the
Security Bulletin at
http://www.microsoft.com/technet/security/bulletin/ms02-007.asp
for information on obtaining this patch.
I am struggling in calling an SSIS package programatically using the Microsoft.SqlServer.Dts.Runtime namespace.
I am succesfuly connecting to the package insofar as I am able to retrieve the package ID (GUID), but when I call package.Execute I get a 'login failed for user' error, which indicates a security problem.
My ASP.NET app is running as a domain user which has temporary 'SA' rights on the server where the package is hosted. In addition, I have set the protection level on the package to 'DontSaveSensitive'.
What am I missing to be able to execute the package remotely?
TIA,
Rick
Hello,
I am trying to execute a DTS package that updates a SQL database from a Microsoft Access form using a command button. The computer I created the access app on is the same computer that hosts the SQL Server and when I run it form there it works fine. However when I run it from another machine across the network the package does not work and I am having login failure problems with other users even though I have added them to the database. I need to use Windows Authentication for this, here is the code I am using in VB on the MSFT Access form. Do I need to specify username & password if specifying a trusted connection?
Private Sub Command0_Click()
Dim dtsp As New DTS.Package
dtsp.LoadFromSQLServer "MYSERVER", "SERVER_USER_NAME", _
"USER_NAME_PWD",DTSSQLStgFlag_UseTrustedConnection, "", _
"", "", "TGImport"
dtsp.Execute
End Sub
Thanks Much!!
I'm switching over to SQL Server from Access I have an iif statement in access and i'm not to sure on how to do the same thing in SQL Server, any guidence is greatly appreciated. I was thinking about using a case statement but not sure on the syntax.
Access statment:
Sum(IIf([Hit_Ratio]![STATUS_CD]='B',1,0))+Sum(IIf([Hit_Ratio]![STATUS_CD]='Q',1,0))+Sum(IIf([Hit_Ratio]![STATUS_CD]='L',1,0))+Sum(IIf([Hit_Ratio]![STATUS_CD]='K',1,0)) AS Quoted
Here a query Microsoft Access Query That I would like to convert to SQL. What replace the Word "Last" in SQL SELECT Contacts.FirstName, Last(Contacts.LastName) AS LastofLastNameFROM ContactsGROUP BY Contacts.FirstName;
View 2 Replies View Relatedis it ms sql stand for microsoft access???
i am currently do a project.
i am headaching .about the database adn the asp.
so far all i knw is only asp, other no .. any suggestion ??
asp to MySQL ? will it work ????
here's a question i've always wondered the answer to,
you have a transaction log on sql 2000 which supposedly records all the sql commands (select, delete, insert, update) that are performed on your database.
now say you use ODBC and Microsoft ACCESS, you create a database file in Microsoft ACCESS with linked tables to your SQL Database via an ODBC connection.
now say you alter the data, maybe delete some records from that sql database using your linked table in Microsoft ACCESS
Would SQL 2000 (or any other version) record these actions in the log, even though the actions were carried out in Microsoft ACCESS? or has doing this completely negated the security offered by the transaction log feature?
do hope someone could shed some light on this, it's been bothering me for a while
Hi,
Today we are very pleased to announce the RTW release of Microsoft SQL Server 2005 Compact Edition Access Database Synchronizer (ADS) for which many of you been waiting eagerly.
Access Database Synchronizer provides a way to synchronize data between Microsoft Access database on a desktop and Microsoft SQL Server 2005 Compact Edition database on a device.
The salient features of this solution are summarized below
Ø Provides a synchronization solution between SQL Mobile/SSCE and MS Access. Data conversion is done while synchronizing the data.
Ø Synchronization happens when there is an active ActiveSync connection between the device and the desktop.
Ø There is no update to SQL Mobile/SSCE on the device. The solution consists of only of desktop side component which works with the existing client agent on the device.
Ø The solution is based on existing RDA replication model. Programming model is exactly the same as RDA today.
Ø Device applications written today do not need to be updated if the solution is upsized from access to SQL Server.
Ø There is no conflict detection/resolution.
The setup installs the desktop component required for synchronizing Microsoft Access database with SQL Server Compact Edition database on the device. It also includes a readme file which has the documentation for the solution and a sample application. The readme file can be downloaded separately. The sample application shows how the solution works and how to write applications for this solution. The components installed on the desktop can be used by third party applications to provide data synchronization between Microsoft Access database on the desktop and SQL Server Compact/SQL Mobile database on the device.
On a desktop, the following operating systems will be supported:
Ø Microsoft Windows XP Professional SP2
Ø Microsoft Windows XP Home Edition SP2
Ø Microsoft Windows XP Media Center Edition 2005 with Windows XP MCE 2005 Update Rollup 2installed.
Ø Microsoft Windows XP Tablet PC Edition SP2
Ø Microsoft Windows Vista (Only Windows Mobile 6.0 devices are supported)
On devices, the following operating systems will be supported:
Ø Windows Mobile 2003 Second Edition
Ø Windows CE 4.2
Ø Windows CE 5.0
Ø Windows Mobile 5.0
Ø Windows Mobile 6.0
The following versions of Microsoft Access will be supported:
Ø Microsoft Access 2000 SP3 (Microsoft Office 2000)
Ø Microsoft Access 2002 SP3 (Microsoft Office 2002)
Ø Microsoft Office Access 2003 SP2 (Microsoft Office 2003)
Ø Microsoft Office Access 2007
This solution will work with all installations for SQL Server Mobile Edition/SQL Server Compact Edition on devices. The sample application provided is supported only on Windows Mobile 5.0 Pocket PC edition.
For more details on ADS please see the readme
ADS Readme
Feedback
We look forward to you providing us feedback about this solution. You can provide us feedback at
SQL Server Mobile Edition/SQL Server Compact Edition MSDN Forum
And
SQL Server Compact Edition Blog
Thanks,
Manish Agnihotri, Program Manager
Someone please help, Ive downloaded and instsalled Microsoft Access Database Synchronizer (ADS) RTW onto my desktop and the files have installed to C:Program FilesMicrosoft SQL Server Compact Editionv3.1SyncAccess. Ive got a device running windows CE 5.0 connected to the desktop via USB. Ive installed all the necessary CAB files onto the device but how do I get the ADS working? What do I have to do with the files installed? I am fairly new to this so can someone please help me. Isnt there supose to be an option in the start menu to run the wizard, i don't seem to be getting this?
Thanks in advance
Sami
Hi,
I have a database in MSACCESS 2003 that is 680MB (after compacting) and contains 41 tables.
I tried to import these tables to SQL Server 2005 (express edition) using the :"upsizing wizard" provided in MSACCESS. The wizard works fine but all the tables are not being imported to SQL Server (only 19 tables are getting imported) and the size of the database in SQL Server (the ".mdf file") is 1.03 GB (I have tried using the "shrink" option also) . Further, when I try to open one of the tables (which has 625295 rows and 90 columns) , it takes lot of time to display all records.
So, my problem is do I need to set any options for any of these above issues, I tried to look for any information regarding this but was unsuccessful.
Any help on this will be very much helpful for me!
thanks
Hello I am developing a web application that will allow users to upload a .mdb file and from that file I need to populate an SQL database. I know the table name of the .mdb file, but I am unclear how to structure my data access layer correctly. How do I pull data from the .mdb file and once I have it how do i populate the SQL database?Any advice would be greatly appreciated.thanks!
View 1 Replies View RelatedHi,
I'm new to SQL server, still in the beginning stage of learning SQL Server. I'm here would like know, besides using the Connectivity from the DTS Designer to connect to different databases, is it possible to connect the database, i.e: Access via stored procedure? and how? Pls advise...
I'm have been trying to look for the solution via a lot of SQL Server site, but fail to get what I want.
What I'm trying to do is something like :
First connect to the Database and Query the data, after that insert it into another database....
Hi all,
I am currently working on a stored procedure in SQL 2000 where I use OPENROWSET function to read data from an Excel file into a temporary table.
It works fine when I logged in with username 'sa' and psswrd 'sa' but when I log in with another user name and password I get the following error:
"Ad hoc access to OLE DB provider 'Microsoft.Jet.OLEDB.40' has been denied.
You must access this provider through a linked server."
I am using VB 6.0 as front end. Is there anyway i can overcome this error?
Please help.
Dhiraj
Hi guys,
I need to provide some of my users an easy way of accessing a SQL Server table through MS Access so
that they can edit the data in the table.
Please let me know which of the following is more appropriate to accomplish this task.
1. Creating a Data Access Page (OR)
2. Creating a Link Table
I tried to create a Data Access Page but I could only be able to see but not edit the data in the table. But, I
guess there is a way to do that.
Please throw some light on this topic.
Thanks a lot for your time.
-RL
Does anyone know how to truncate a Mircrosoft Access table from an SSIS package?
View 7 Replies View Related
Hello,
I have microsoft access database. I want to use this database as source of SSIS transformation.
I have a data flow task which I want to get executed in Transaction with TransactionOption as "Required".
I tried using OLEDB datasource which uses oledb connection. I also tried using ADO.NET connection type with DataReader DataSource.
But in all cases at run time, it fires an error message as follows:
[DataReader Source [1]] Error: System.InvalidOperationException: The ITransactionLocal interface is not supported by the 'Microsoft.Jet.OLEDB.4.0' provider. Local transactions are unavailable with the current provider. at System.Data.OleDb.OleDbConnectionInternal.EnlistTransactionInternal(Transaction transaction, Boolean forcedAutomatic) at System.Data.OleDb.OleDbConnectionInternal.EnlistTransaction(Transaction transaction) at System.Data.OleDb.OleDbConnection.EnlistTransaction(Transaction transaction) at Microsoft.SqlServer.Dts.Runtime.ManagedHelper.GetManagedConnection(String assemblyQualifiedName, String connStr, Object transaction) at Microsoft.SqlServer.Dts.Runtime.Wrapper.IDTSConnectionManager90.AcquireConnection(Object pTransaction) at Microsoft.SqlServer.Dts.Pipeline.DataReaderSourceAdapter.AcquireConnections(Object transaction) at Microsoft.SqlServer.Dts.Pipeline.ManagedComponentHost.HostAcquireConnections(IDTSManagedComponentWrapper90 wrapper, Object transaction)
If I remove the transaction, the data flow task works perfectly fine.
Please suggest What mistake I am doing while connecting to MS Access database in side transaction??
The same mentioned configuration WITH TRANSACTION works perfectly fine for SQL Server AS SOURCE. Am I missing some very obvious thing??
Please suggest.
Hi All, I have recently moved jobs. From my last job I created a holiday database for the organisation, than I copied it on a storage device. Now, in my new job I would like to use same database. But the problem is most of the tables were linked. I know I can convert linked tables to local tables and I have tried it but it asks me for the new location with the same table names. Can some one please helpppppppppppppppppppppppppppppppppp I as I am really very desperate.
Thanks in advance.
Hi there guys, I am currently trying to achieve a seemingly simple task in VC++ 2005. I have made a very simple form in Microsoft Access which I wish to serve as the beginnings of something greater. I created a db in MS Access named links.mdb containing on table-> Table1. Table1 contains 1 column, "Links", and i wish to read these strings into variables in my Visual C++ Windows Forms Application.
What I have done so far...
In Visual C++, I clicked on Data->Add new data source, and followed the wizard to add the microsoft access database to my application by the name, "linksDataSet". I can see the table in my left hand "Data Sources" pane in VC++. All I need to know is how to access my database from here so that I can read these strings stored in my table. Also, would be possible to schedule my application to log on to a http server and retrieve these links every time the application is executed? How would I go about doing this?
Thank you very much for your time
Regards
Linden.
Not sure if I'm posting to the right group or not, pls tell me where else to post.
My question is: I have a microsoft access database on a client desktop that links to tables in sql server. Is there a way to encrypt the data that goes back and forth between access and sql?
Applied Access security feature to a database using its Security Wizard. Procedure went smoothly.
Been developing a software using VB 6.0 using an Access database as the main data source. Haven't had any problem manipulating the database via VB, but recently attempted to modify the database structure via Access, but was unable to do so, because either my username or password is allegedly invalid. Tried all passwords I can recall, but unable to get through. Haven't been able to create a new database, either.
Development of the software and creation of the Access database is being done on a stand alone laptop, that may or may not have been a workstation in a network.
Any help to resolve this issue would be appreciated.
Napatan
I would like some clarification please...
I have setup Windows Authentication to SQL2005 using a group with a default database. The group has access to the default database.
Now it's my understanding, if I have a user that's a member of the group, idividual access does not need to be setup to connect to SQL Server. Users connect on the credentials of the group... Is this a correct interpretation??
Ex: Windows groupname = SQLConnect Default db = Anydb
Anydb has groupname SQLConnect connect permissions
Windows username = test1 (is member of SQLConnect group)
Problem: test1 trys to login but gets an error that they can't connect to default db...
I am working with Microsoft Search on SQL 7.0 and the catalog will not populate properly. The NT event log says "Unable to access crawl seed. The operation timed out." Has anyone run into this before? I have been able to duplicate this problem on two boxes. Question 2: Is Microsoft Search stable at all?
View 1 Replies View RelatedI have an interesting challenge. we are not allowed to allow users direct access to data in our SQL Server. Audit requires us to take the data out of our production server and pass it to the user. my situation is i have a table in SQl with over 100,000 records and growing. i want to pass that to an access data base. i am utilizing DTS and a data transform.
i s there a better way? the package is running slow and even appears to freeze. i see this amount of data as growing as well.
Don S
Hello,
I'm new to ASP, but developping in Sql for years.
What we would like to have is that the user is accessing the database over it's own Windows Logon. Our triggers log quite some changes and are using UserName() for this. I've treid to force the IIS to accept Windows Integration only, the SqlDataSource users a connection that has Integrated Security = True. But when connection to the site i'm gatting error that there is no trusted connection for the user . (dot) ...
I suppose i'm missing something but could you give me a hint where to start looking..... THX
In the process of reviewing all Security access into our production servers, I found a user login name of 'BUILTIN/Administrators' with the type 'NT Group' in our production DB. I am not sure whether this Login was setup automatically when SQLServer was installed or it was setup by the administrator, who is no longer with the company? I was able to find out all the users in the Administrators NT group, but what threw me was the word 'BUILTIN' . Are there other Logins besides 'sa' that get setup during the install?
Thanks.
Helen