Restrict Backup To One Directory Pr. User/database
Sep 30, 2004
Hello
I have an MSSQL server where I would like to create a couple of databases, create one user pr. DB, and give them db_owner permissions.
Giving a user db_owner permissions allows the user to make a backup of the database, which is a good thing and I would like it to stay that way.
My problem is that I don't know how to restrict the user from saving the backup to any directory or filename that he wants to.
He can not get out of the directories that the user MSSQL is running under has access to. But he can overwrite another users backupfile or placing the file in the MSSQL-programfolder.
The users is using SQL Server authentication.
Can I restrict the backup procedure to save to only one file or in one directory?
What is the best practice regarding backup if you give your users db_owner permissions?
We can restrict users from accessing the databases from the security. But is there anyway , we can restrict users from seeing the available databases on the server, user can access and see the database he or she has access to other databases will not be visible?
I want to protect a field in a table...i want to restrict users to update the value in that field...by manually logging into that database...it can be updated only through the application...if any body manually update the field value....it has to be captured in log with old value....is it possible to do this sql server...if any of u says yes 'its possible' then :beer: other wise :eek:
after selecting the presetted directory .. i clicked ok and they said this," The file name specified is recongnized as a directory name. The file won't be able to be rewritten. Would you like to continue? "
then i clicked " Yes " .. - nothing happened .. then i clicked " Yes " .. - nothing happened again .. now i click ok again to close the "restore database" icon .. and they give me this.. i attached a screenshot .. pls have a look ..
i tried clicking "Manage Attachments" somewhere at the bottom of the page to upload .. but ragezone gave me a page telling me that they are sorry for any inconvenience caused .. so i cant attach it .. here is a link .. its kinda small .. but it says:
"Cannot open backup device 'C:Program FilesMicrosoft SQL ServerMSSQLBACKUP'. Device error or device off-line. See SQL Server error log files for more details. RESTORE DATABASE is terminating abnormally."
thank you for helping me .. thanks in advance .. http://img.photobucket.com/albums/v81/xiaoboy/error.bmp http://img.photobucket.com/albums/v...oy/untitled.bmp
I'm using Database Maintenance Plans in Enterprise Manager and I'm trying to backup a database to a different server using a UNC (i.e. \servernameackupdirectory). I have done this successfully with two SQL Servers but every time I try to set the third SQL Server to backup to a UNC I get this message:
The complete database backup directory '\servernameackupdirectory' is invalid.
The only differences that I can think of is that the server is Win2000 Advanced Server and the SQL Server is Enterprise Edn, where as the two that work are Standard Edn and are on Win2000 Servers (not Advanced).
Does anyone know why I am unable to do this on one SQL Server when I have had no trouble on the other two SQL Servers?
I have an ETL product, every 30 minutes it loads maybe a coupla 100K records of various construction into an SQL Server Db (2000 SP3, on Win 2000 Std Server also Win 2003 Ent Server). It really hammers the Db with a combination of batch insert update and insert fallback to update etc. It does not use 100% CPU actually and is IO bound. Works a treat.
Now the problem, someone has built a .Net ADO based front end, and for the 5 minutes my product runs every 30 minutes they have a hope in hell of getting a reasonable response for their select queries. Now my take is that maybe I can delay for 5ms after each transaction I do to allow the other user processes a chance. But better maybe would be for my ETL product Db user to have a lower priority than other Db users.
What is the best way to achieve this end? If I understood more about how SQL Server prioritizes users and their requests it might help. (round robin?)
I have an ETL product, every 30 minutes it loads maybe a coupla 100K records of various construction into an SQL Server Db (2000 SP3, on Win 2000 Std Server also Win 2003 Ent Server). It really hammers the Db with a combination of batch insert update and insert fallback to update etc. It does not use 100% CPU actually and is IO bound. Works a treat.
Now the problem, someone has built a .Net ADO based front end, and for the 5 minutes my product runs every 30 minutes they have a hope in hell of getting a reasonable response for their select queries. Now my take is that maybe I can delay for 5ms after each transaction I do to allow the other user processes a chance. But better maybe would be for my ETL products user to have a lower priority than other users.
What is the best way to achieve this end? If I understood more about how SQL Server prioritizes users and their requests it might help. (round robin?)
Is there a switch in 7.0 that I can set if I don't want users to see a certain column in a table.
Ex: TableA(column1, column2, column3) If they do a select * from tableA they will receive information on all three columns, I don't want them to see the last column3.
I have created a user Finance and I want to grant him access only to see views which are created under Schema called "FinanceQuery".
Note: View may use tables from multiple schemas example: dbo. Staging. ectÂ
By doing this, I want to achieve that this user Finance can see only Views created under Schema FinanceQuery and should not see any other objects (tables, Stored Procedures, Functions etc.)
Hello. I am trying to write a report that pulls information in from Active Directory. I have a view created that gets a listing of users and a view that creates a listing of user groups, but I can't seem to figure out how to get all user groups that are associated with the users. This is what I have.
SELECT TOP 100 PERCENT * FROM OPENQUERY(ADSI, 'SELECT cn, groupMembershipSAM FROM ''LDAP://wmdomain.local'' WHERE objectcategory=''group''') Rowset_1
SELECT * FROM OPENQUERY(ADSI, 'SELECT title, displayName, sAMAccountName, givenName, telephoneNumber, facsimileTelephoneNumber, sn FROM ''LDAP://wmdomain.local'' WHERE objectCategory = ''Person'' AND objectClass = ''user''') Rowset_1
I have few SQL user who has permissions on different databases. When they are accessing MSSQL server from Enterprise Manager they can see all Databases but can not access them and they can change file size allocated to them. I want to restrict this and they can only see database belongs to respective user and restrict user to change allocated size. Please help me with this as I am not able to find the solution.
I am using a SSAS cube as my data source for my reports. I have set up the roles on the cube and that works fine.
However, in my reports I want to be able to restrict the report filters based on the user that logs in.
E.G. we have a list of users from different countries. if a user from the US logs in then the country filter should have only USA in it. If a Japan user logs in then the country list should have only Japan.
Currently, the country filter still has all the countries but the logged in user can only get data for his country. I want that list to only be populated with user country only.
I think it has something to do with the dataset that is populating the country list but I have no idea as to how to fix it.
I am designing wepage using Asp.net with Sql server as database. I have used Multiline textbox in which user has to enter their family detail. Like number of brother and sister family status, source of Earning for family.
But User do not have to enter his/her phone/contact number. For that I restricted the user to enter any nuberic digit through asp.net Regex. But User is too smart now they are entering his/her contact number in words.
Suppose somebody's Contact number is 533445928 as they can not enter numberic digit because of asp.net regex which allows the user to enter only alphabets. Now they are entering their contact number in words like five three three four four nine two eight seven. I would like to restrict the user to enter contact detail in words also.
I have two databases DB1 and DB2 DB1 has a source table named 'Source' I have created a login 'Test_user' in DB2 with Public access. I have also created a view named 'Test_view' in DB2 which references data from DB1.dbo.Source
I have two databases DB1 and DB2 DB1 has a source table named 'Source' I have created a login 'Test_user' in DB2 with Public access. I have also created a view named 'Test_view' in DB2 which references data from DB1.dbo.Source
hi this is raja sekar.k from bangalore,i need to know how to make a webform with the "BACKUP SQL DATABASE " from a user.. if it is possible.. please help me ..thanksregards Raja Sekar.kChola software consulting pvt ltd..Bangalore
I need to have an Application owner backup a SQL Server dbase after his updates. Im not that familiar with ISQL. He does not have EM installed on his machine. What minimum installments do I have to do on his machine for him to log into SQL Server, after I create a login for him ? Once in the command window I would give him the script of isql -Usa -Ppassword -SSqlServerA -Q "BACKUP DATABASE [test] TO DISK = N'E:Program FilesMicrosoft SQL ServerMSSQLBackupdbase1' WITH NOINIT , NOUNLOAD , NAME = N'test backup', NOSKIP , STATS = 10, NOFORMAT"
In order to take automated backup of all user databases below is the query. This query will eliminate use of manual backups for user databases, in order to fully automate this just create a SQL Agent job and write this query in the job and forget about taking any manual DB backups.
DECLARE @name VARCHAR(50) -- database name DECLARE @path VARCHAR(256) -- path for backup files DECLARE @fileName VARCHAR(256) -- filename for backup DECLARE @fileDate VARCHAR(20) -- used for file name SET @path = 'C:DB_BKPUP'
I have a problem with databases that are left in single user mode after transaction log backup. I have a database maintenance plan job that backs up the transaction log and checks data and index linkage every hour. Sometimes the job fails and when I look in the report file it says that it has tred to put the database in single user mode and failed because the database is in use and then in the next step it says that it cannot perform the operation because there already is a user in the database.
Why is the database put in single user mode? What can I do to avoid finding my databases in single user mode?
Below is a part of the report file:
[Microsoft SQL-DMO (ODBC SQLState: 42000)] Error 15089: [Microsoft][ODBC SQL Server Driver][SQL Server]Cannot change the 'single user' option of a database while another user is in the database. [1] Database BV Produktion: Check Data and Index Linkage...
** Execution Time: 0 hrs, 0 mins, 1 secs **
[2] Database BV Projektering: Check Data and Index Linkage... [Microsoft SQL-DMO (ODBC SQLState: 42000)] Error 924: [Microsoft][ODBC SQL Server Driver][SQL Server]Database 'BV Projektering' is already open and can only have one user at a time. [Microsoft][ODBC SQL Server Driver][SQL Server]Only the owner of object 'dms_user' can run DBCC CHECKTABLE on it. [Microsoft][ODBC SQL Server Driver][SQL Server]Database 'BV Projektering' is already open and can only have one user at a time. [Microsoft][ODBC SQL Server Driver][SQL Server]DBCC execution completed. If DBCC printed error messages, contact your system administrator.
The following errors were found:
[Microsoft][ODBC SQL Server Driver][SQL Server]Database 'BV Projektering' is already open and can only have one user at a time. [Microsoft][ODBC SQL Server Driver][SQL Server]Only the owner of object 'dms_user' can run DBCC CHECKTABLE on it. [Microsoft][ODBC SQL Server Driver][SQL Server]Database 'BV Projektering' is already open and can only have one user at a time. [Microsoft][ODBC SQL Server Driver][SQL Server]DBCC execution completed. If DBCC printed error messages, contact your system administrator. ** Execution Time: 0 hrs, 0 mins, 9 secs **
Hello. I am trying to perform a backup and restore of a user's default database. the user- "myuser", was created with a default database. I have backed the user database and tried to restore it in different ways and I always get the same error when trying to connect with the user after restore:
"Cannot open user default database.Login failed (error 4064)".
It happens if I don't delete the user before restoring the database.
If I try to delete the user before restore and create it afterwards, when I try to set the default user database to the same database I get the error:
"user, group or role 'myuser' already exist in the database"
And when I try to delete the user from the restored database (in order to recreate it) I cannot, because the user's schema is connected to objects in the database.
Can anyone help?... How do I restore?? Thanx, Nili.
vendor did a full backup for his database and put some folder not being backed up by TSM, he is the owner of the database, and delete his backup later. The backup is not copy only, all the differential and log backups taken are based on his FULL backup. so they cannot be restored.
QUESTION: To prevent this happen in the future, what is the normal practices? or any way to prevent db_owner to do the ad-hoc full backup? I am thinking of using DENY backup database, or write a policy  claiming no responsibility if vendor make it happen again.
Hello!MSQL2000:I want to make db-backup (maintenance) but haven't enough space on thediscs that are physically in the machine. I have enough on the network, buti can't choose an network-drive, wheni want to specify the backup directory.What to do?/Bjørn
WE HAVE RECENTLY MOVED THE MSSQLBACKUP FOLDER TO EMC DRIVES E:, BUT SQL IS STILL DEFAULTING BACKUPS TO THE ORIGINAL DEFAULT LOCATION WHICH WAS ON THE D: DRIVE. DOES ANYONE KNOW HOW TO CHANGE THIS? I KNOW THE ORIGINIAL LOCATION IS STORED IN THE REGISTRY, BUT I DON'T KNOW IF I CAN CHANGE THE REGISTRY OR IF THERE IS A DIFFERENT PLACE. CAN SOMEONE PLEASE HELP.
I'm looking to get the drive letter and path for my backups programmatically. I am monitoring my sqlserver boxes remotely and need to get this information to determine if my backups will fit on the backup drive.
I'm looking for either a sql statement or a stored procedure to accomplish this.
For example...the backup script states: EXECUTE master.dbo.xp_create_subdir N'H:MSSQLBackupmaster'
I am getting a backup file in default directory by using this script
Code Block BACKUP DATABASE CPHONE TO DISK = 'CPHONE.Bak' -- send to default pathaway WITH FORMAT, NAME = 'Full Backup of CPHONE'
Is there any way to find where is the default path of the SQL server, in order to show to the user from a VB program in which pathway the database back up is stored