In SQL2005, is it possible to restrict incoming sql or windows authentication logins by source hostname or IP address? Perhaps using endpoints?
We are currently using hosts file on the db server as a temporary solution, but the SA will not allow us to use this as a permanent solution.
The app team I support is asking me to build an "idiot proof" database so that an Dev or Test app server they may configure, doesn't unintentionally connect to the Production database and damage/alter data.
Don't worry, I've already asked if they can't follow some kind of M&P's to prevent this kind of silly behavior, but they insist on DBA team creating a bullet-proof database that can outsmart app developers who try to attempt something dumb like this.
Any ideas or suggestions would be greatly appreciated.
Here is what I need to do, maybe someone could tell me what to do. I need to create a login (I got that part) and then limit that login to only be able to see one of the databases on the server. So this is what I'm looking for.
user1 logs in to the server user1 can only see the database I want them to see and can not see anything else, no msdb, no tempdb, no security, no management etc. I also need this user to be read only (only able to run select statements) and this user will not be the owner of the database
I am using a SSAS cube as my data source for my reports. I have set up the roles on the cube and that works fine.
However, in my reports I want to be able to restrict the report filters based on the user that logs in.
E.G. we have a list of users from different countries. if a user from the US logs in then the country filter should have only USA in it. If a Japan user logs in then the country list should have only Japan.
Currently, the country filter still has all the countries but the logged in user can only get data for his country. I want that list to only be populated with user country only.
I think it has something to do with the dataset that is populating the country list but I have no idea as to how to fix it.
Hello all - this has now happened to me on a few occasions (different installs, different sites, etc.), but my client PCs cannot access Report Manager by the server's hostname (even though I can ping by hostname from the client).
For instance, if I try:
http://ovenserver/reports
I get the infamous "Internet Explorer cannot display the webpage" message.
If I try:
http://10.0.0.20/reports
The Report Manager loads properly without a hitch.
I know I am missing something simple here - can anyone help?
I currently have the following connection string set up in Excel to connect to my SQL db:
Provider=SQLOLEDB.1;Persist Security Info=True;User ID=XXXXXX;Initial Catalog=YYYYY;Data Source=SQL;Use Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Workstation ID=PROJMNT1;Use Encryption for Data=False;Tag with column collation when possible=False
What I would like to do is replace the Workstation ID (which apparently is hard coded?) so that the user's workstation name pulls (%COMPUTERNAME%) so that I can see who is connecting, using what, for how long etc etc.
Is there any way of not allowing users with MS Access from using it to connect to a SQL 7 server? Basically, no connection to SQL through MS Access should be allowed. Any ideas?
I need some help. When we install the Database at the clients end, the client can see all the SQL tables, views and stored procedure in the Enterprise Manager. Is there a way via which you can restrict the client from viewing the tables in SQL Enterprise manager?
I hope you understand my question. I would be oblidged if my friends could help me...
My users have sa rights to our SQL servers. I want to restrict their access to the C: so that they do not restore DB's there.
I thought at first I could create a Windows user that runs the SQL Service then grant them read rights to the C:. This does not give the user enough rights to start the service.
My users have sa rights to our SQL servers. I want to restrict their access to the C: so that they do not restore DB's there.
I thought I could create a Windows user that runs the SQL Service then grant them read rights to the C:. This does not give the user enough rights to start the service.
2. Encrypt contents of the whole database. Is there anything available in SQL Server 2005 (server or DB settings) which encrypt the contents. I do not want to explicitly encrypt individual columns !!
We have a situation where we need to restrict access to a sql server data file. That is, to prevent users viewing any tables, stored procedures, etc, in sql server or another tool. We are providing a our database as part of an application install to a customer's site which will run isolated on the customers network. However the application will have sql server logins and the system must still be able to execute stored procedures.
The setup unfortunately cannot be changed and we are trying to think of best implementations for this. Our customers are also working with competitors so we are very conscious about exposing our data structures to anyone outside of our company, hence trying to restrict access. If deployed to a sql instance on the customer site then they will have database administrator accounts on the server.
I have few SQL user who has permissions on different databases. When they are accessing MSSQL server from Enterprise Manager they can see all Databases but can not access them and they can change file size allocated to them. I want to restrict this and they can only see database belongs to respective user and restrict user to change allocated size. Please help me with this as I am not able to find the solution.
I have added several Active Directory groups and set the system roles for each to "System User" and set one of the groups (DBAdmin) to "System Adminstrator"
My issue is that even after doing this, the users in the other groups are able to access the "Configure site-wide security" link under Security and change the permissions. The only system permission these users have is "View shared schedules" so it doesn't seem that this should be possible.
I would appreciate any feedback on this issue. Thanks!
I have a single database and 5 user which use this database for DDL and DML operations.
The problem we are facing here is, every time a user need to do some work in this database he/she had to ask(manually) to rest of the 4 users whether they are doing some task over the same DB or not. Sometime due to communication gap one user open any transaction which creates a deadlock for another user to execute any query over the same tables in this DBI want to get rid of this problem by making it configurable from SQL Server part so that if any user which is already accessing this DB, so the other user don't get access to it, kind of Mutually exclusive behavior.
I'm looking to deploy some SQL Server reports and I want to restrict the access that the users have. Currently when connecting to the reports site they have access to a lot of functionality through the header bar, for example - Properties - New Folder - New Data Source - My Subscriptions - Site Settings - Search etc.
How can I disbale or hide all these options so that all the user sees is the list of reports?
Hello AllI am using SQL server 2000 as the backend of my application but don'twant my clients tobe able to view or edit the database tables, storedprocedures , view etc using enterprise manager or query analyser (orsimilar tools)How can this be done ?I searched a lot for this but unable to get the correct answer isthere anybody to give full solution regarding this.Please relpy me as early as possible
I have two databases DB1 and DB2 DB1 has a source table named 'Source' I have created a login 'Test_user' in DB2 with Public access. I have also created a view named 'Test_view' in DB2 which references data from DB1.dbo.Source
I have two databases DB1 and DB2 DB1 has a source table named 'Source' I have created a login 'Test_user' in DB2 with Public access. I have also created a view named 'Test_view' in DB2 which references data from DB1.dbo.Source
I am setting up the SQL2005 reporting service to let users build their own reports on the web. I'll provide them with pre-built report models. We have concern with SQL database performance by allowing users to execute huge reports. The problem that I have is: If I give the users permissions to build report they'll have access to the report's Properties | Execution page, which allows them to disable the report execution timeout. Is there a way for me to allow them build reports while restrict them to access the report execution timeout settings?
Problem: ======== A few records in a particular table are getting updated with incorrect values everyday somehow by some process. No one is manually changing these records. Every morning I query the database and fix these records. But somehow they again get set to the incorrect values.
So I want to figure out how this is happening. I'm thinking of creating an update trigger on that table. And whenever this update trigger is fired, check the modified record's id and if it is the problematic record, then get the hostname, username, processid which is doing this update.
Can someone give me ideas on how to get the hostname, username.
I want to capture hostname of the client computer making changes to a table on the server. I tried to use sysprocesses table, but the max(last_batch) column is giving the datetime and hostname of previously ran query. I need to find the hostname of the client who is making change at that instant of time.
I have problem with identitys when subscriptions uploads new inserted data, I need somehow create a partitions for each user. All user need exactly the same data (now 10 user but in future about 100 users).
In the database is 116 tables and still growing. Because this is a project i working with.
My system is a one Server, one publication and server is acting as its own distibutor, and multi users
I have really problems with conflicts plz somebody help
I'm having trouble with my Merge Replication setup in regards to changing the HostName property of the SqlCeReplication object. As we all know, if you modify the HostName value, you must then call the ReinitializeSubscription(true) method before calling Synchronize(). Unfortunately, this isn't working for me. Following this sequence of steps consistently results in error messages saying that I need to either call ReinitializeSubscription, or change my HostName back to it's original value. Has anyone ever experienced this problem?
