Restricting Access To EM
Jun 25, 2003
First some explaination then the question. I have some users that legally or otherwise have gotten copies of SQL 2000 and installed it on thier local PC's. They are now using Enterprise Manager to connect to my database servers via IP and server name. They are using thier regular user id and passwords that they would use to log into the HR and Finance applications. For obvious reasons this is not a good thing. Now the question, can I some how restrict connections via EM to just thoses with an sa role? Or am I doing something else wrong or missed some hidden configuration.
Thanks in advance!
T.C.
View 8 Replies
ADVERTISEMENT
Feb 21, 2006
Hi
I wish to setup a database that can be viewed only by a few users. How do I stop other users and the general public from seeing the database and its structures.
Cheers
Al
View 6 Replies
View Related
Jan 6, 2007
Hi all,
I have a user who I only want to provide access to a single folder within
RS2005. I don't seem to be able todo this, they can either see everything or
nothing at all.
What am I missing? Any help much appreciated.
Kind regards
Tarun
View 10 Replies
View Related
Jul 12, 2000
Hi all
Certain people in our company want to use Crystal Reports for data-processing. Problem is we want them to NOT be able to access data in databases within the live server.
Given that we use trusted connection to validate all kind of data-access, I am wondering if there is a way so that (via NT administration or via some SQL Server security features)
the live-server can refuse any connection request from the Crystal Reports application. At the moment the same group of people are allowed access to database (and should remain to be so) on this "live" server via some other applications (e.g. Microsoft Access).
Any advice is welcomed.
Simon
View 1 Replies
View Related
Oct 5, 2005
I'm going through the SQLSecurity Checklist I found at sqlsecurity.com. One of the points it says to "Restrict to sysadmins-only access to stored procedures and extended stored procedures that you believe could pose a threat." It also lists a bunch of stored procs and extended stored procs that you should consider restricting to sysadmins only. I was wondering if someone could give me some pointers on how to do this? I would like to write a script that I could run on every sql server 2000 install that would do this. How could I ensure that every user does not have access except the sysadmins?
Thanks,
Chris
View 11 Replies
View Related
Dec 12, 2006
Hello everyone,
I have a design problem which I am hoping somebody can shed some light on.
I am running SQL Server 2000 using SQL authenticaiton (due to be changed to Windows authentication in the next 6 months). I have a table in my database which we shall call monthly. I want to restrict the ability to insert to the monthly table to 2 stored procedures (proc_abc & proc_xy) which I have written which do various other validation checks before it inserts the data into monthly.
Users with the Foo function assigned are able to execute proc_abc & proc_xy
I have written a VB application which can be used by users who are not familiar with SQL to be able to execute these stored procedures. (Must have Foo function in order to login to this application).
I want to restrict the ability to execute the stored procedures to users using the VB application only, and thus not be able to execute the stored procedure using Query Analyzer or such like for any Foo user.
Is there anyway I can do this?
One suggestion put to me is two split the functions. Have one function lets call it Top which can access the VB application and then have another function called Bottom which is able to execute the stored procedures. Only the VB app would have access to the Bottom credentials. But is this secure? Would I just hard code the credentials for the Bottom function user within the VB app? This doesn's seem a secure way of doing things to me.
Thanks for the help!
View 6 Replies
View Related
Oct 23, 2007
Hi
I'm building a data warehouse - my end users connect using Access via ODBC Microsoft SQL Server driver (2000.85.1117.00).
However, whenever they connect using Access via ODBC they get a huge list of sys and INFORMATION_SCHEMA views, in addition to the data warehouse tables they need to access.
How can I remove these sys and INFORMATION_SCHEMA views from the list of tables/views presented to the end user?
I've tried denying access by changing permissions to deny in the public role of the master database - I have also changed permissions in the public role in the data warehouse database. When I do this, the ODBC connection fails to retrieve any objects because it doesn't have access to sys.databases (and various other unspecified objects).
I'm stuck - help!
View 4 Replies
View Related
Jan 18, 2008
This is a slight re-stating from an older thread, which I think warrants some new discussion. The answer has always been that system administrators should have full access to everything on a system, including databases.
Although that is a logical position for internal IT departments it doesn't quite fit the model of systems with outsourced or external system support.
"If you don't trust your DBA, then you need a new DBA. They are in a position of authority for a reason and restricting that authority makes it impossible for them to do the job they are hired to do."
What about scenarios where you have local machine administrators that should NOT be given access to private data in a secured database, even though they need to be able to access and maintain everything else? And unfortunately some regulations are written about access to stored data whether encrypted or not...
In the modern world of Sarbanes-Oxley and PCI-DSS/CISP it is no longer so cut and dried. Especially where companies have software/hardware support contracts with third parties that require administrative access to other aspects of the systems.
So accepting that you might need someone to have administrative level access to the box but they should not be able to view the contents of a database installed on that box, what would you do?
Is there a way to create an adminstrative group that does not allow access to a specific named instance of SQL?
Is there a way to revoke access for one member of the administrators group only?
Thanks,
Ted
View 6 Replies
View Related
Jan 31, 2008
Hi,
How would I set permission for SQL Server 2005 "User A" to prevent access to System and other user databases, also How to hide the databases that "User A" has no rights to. I mean, when User A logs in, All other user databases are not visible to him/her.
Thanks,
View 6 Replies
View Related
Apr 21, 2004
Hello -
How can I restrict all databases on my system to 25 MB.
Can anyone provide me any script.
Regards,
Rubal
View 5 Replies
View Related
Jan 28, 2008
I have one log files which is almost filling up the disk so i added another files to different disk which has space of 150GB.
So can i restrict the first log files so that it won't get filled up. Will the log go to next files.
View 8 Replies
View Related
Dec 14, 2004
Hi
I have a table strcutre as follows.This is like a many to many relationship between category and Article. Now i need to pick 3 recrord from each category which has a relavancy 1 sorted by Article date Desc. ie.. from the recent articles..
I can fire 4 diff queries and restrict it using top keyword..
Can i do this in a Single query or in a better way..can anyone help me plz......
Rgds
jinu
Category
---------
catID - PK
CatName
Article
-------
ArticleID - PK
Name
Date
Category_Article
----------------
ArticleID - Composite Key(ArticleID,CatId)
CatID
Relavancy
View 8 Replies
View Related
Mar 29, 2007
I have a table with UpdateDate field and I want this field to be populated when a new record is inserted or an existing record is updated using the getdate().
But I dont want the users who insert or update records in this table to have control over this field. Meaning the users should not be able to populate or update this field.
At the same time when the user inserts or updates a record this field should be populated automatically.
Can this be done. Please let me know.
Thanks
Raj
View 3 Replies
View Related
Jul 23, 2005
I have a large table with approx 250000 rows in sql 2000. I need toreturn this from an asp page but the query to return this amount ofdata causes the asp to time out before the query completes.Is there any way in ado (or another way useable from asp / vb) that Ican run the query and then fetch a number of rows at a time? I can thene.g. pass the first batch of rows back to the client and then call forthe second batch.Any thoughts appreciated.
View 1 Replies
View Related
May 19, 2006
I want to restrict the number of records coming from an OLEDB source. I have 500 records in my source table and I want to process one record at a time
I have I set the MaxBufferRows parameter to 1and it l sends 8 records from OLEDB source
Any help is appreciated.
View 9 Replies
View Related
Jan 24, 2007
Hello
Is it possible to restrict the export of the header when exporting the report from the browser or at least restrict the export of the image.
Thanks
Inder
View 3 Replies
View Related
Nov 14, 2007
I want to give user
read access : to all tables in a database
write access: to tables only created by that user in a database
please help
Many thanks
View 4 Replies
View Related
Jan 14, 2002
Hi,
How the SQL enterprise manager registration using winodws NT authentication can be restricted on workstation.
Thanks
John Jayaseelan
View 4 Replies
View Related
Apr 29, 2008
I have users logging into a sql database using sql accounts. I've created below a simplified example of three tables in my 100+ table database. I have a sql table that holds extra information about the sql users and two data tables. I would like to restrict which records the user has access to in the manufacturer and automobile tables. I know I can add the UserID column to these two tables, and then add the appropriate userID into the UserID column of the manufacturer and automobile tables. Hence records in the automobile table with userid X will not be seen by userid Y. My question is, how can I possibly avoid modifying 1000+ sql queries to reference the UserID column? It would save me a lot of time if I can filter the results a user gets based on thier sql login/userid.
+--------------------------+
+ USERS TABLE
+
+ USERID int
+ Name varchar
+ Telephone varchar
+
+--------------------------+
+--------------------------+
+ MANUFACTURER TABLE
+
+ MANID int
+ Name varchar
+
+--------------------------+
+--------------------------+
+ AUTOMOBILE TABLE
+
+ AUTOID int
+ Name varchar
+
+--------------------------+
View 15 Replies
View Related
Feb 22, 2007
Would like to restrict the dates users can put as parameters. For example, I have a report showing all orders in year 2007. I have exposed Start Date and End Date parameters. When users click the 'View Report' button, the report will filter for orders where attribute EnteredDate is >= Start Date and <= End Date.
I want to restrict the users from entering a start date greater than today's date. Would also like to restrict them from entering an end date that is less than the start date parameter. How can I do this?
TIA.
ElSalsero
View 5 Replies
View Related
Aug 2, 2006
Hi
We are developing some applications for Sunit computers (In-vehicle computers) which have limited memory . Because the applications display maps, the will consume alot of memory. Because of this, we want to restrict the amount of memory and other resources SQL Server Express uses to a minimum. I've tried setting 'max server memory', which doesn't help too much as this is only a limit on the SQL engine and not the sqlserver.exe process. What other settings and restrictions can I apply to limit memory consumption by the process?
We have considered using SQL Server Everywhere, but as it doesn't support ODBC (will there be any ODBC support?), we are not too happy about using it. As of now, we have no experience with OLE DB, and the application is MFC 6.0 so we can't take advantage of ADO.NET
Best regards
Bjørnar Sundsbø
View 8 Replies
View Related
Apr 25, 2007
hi all,
Is there any way to restrict the user from selecting the parameters. For example: I have a list of 100 values in a multi-value parameter. I want to to restrict the user to select at the most N number of values.
If possible, process only the N number of values will also do.
Thnx in advance...
View 3 Replies
View Related
Feb 5, 2015
I want to provide access to one of my users to a database on the production server. I do not want this user to be able to view anything other than the tables in that database, or the other databases on my production server.
I gave him access to one DB - TestDB- and made him data_reader on that DB. I had set that as his default database. However, when he logs in using SSMS he can see from Object Explorer a listing of all the databases on that server, although he can't access any of those. This is an external user and I don't want him to see any of that stuff, including other objects (SPs, Views, etc.,) even within TestDB.
To summarize, I want to grant access to a windows user to see/select from ONLY tables in TestDB of my production server, and I do not want him to be able to see any objects other than tables of this DB from SSMS.
View 1 Replies
View Related
Jun 3, 1999
dear friend,
i run a sql command like this
select * from table_name
what i want is that if no. of records found are greater then 500 than it should stop the query and only show those 500 records dont go further and stop the process
waiting for reply
ashish bhatnagar
View 1 Replies
View Related
Jun 9, 2015
we have an application which lets users connect to production database with windows credentials, They are able access the sql tables too with windows login. I want to restrict them from accessing the sql tables. How do I do that.?I tried a db_deny but that prevented them from accessing the application too.
View 10 Replies
View Related
Aug 6, 2015
As a part of our infosec lockdown activity, we are giving a shared ID to all DBAs and would mandate them them to use that ID only. We have a tool from where they will do this activity.The situation what I am getting in with this is, what if they add give their own Active directory ID Sysadmin privileges or create a instance level Sysadmin to bypass our process.
View 9 Replies
View Related
Mar 17, 2008
Access Connection
create a new Connection Manager by right-clicking in the Connection Managers section of the design area of the screen. Select New OLE DB Connection to bring up the Configure OLE DB Connection Manager dialog box. Click New to open the Connection Manager. In the Provider drop-down list, choose the Microsoft Jet 4.0 OLE DB Provider and click OK.
Browse to the Access database file and connection set up---all good!!!
Dataflow task
Add an OLE DB Source component
Double-click the icon to open the OLE DB Source Editor. Set the OLE DB Connection Manager property to the Connection Manager that I created . Select Table from the Data Access Mode drop-down list.
I cannot see the tables set up as set up as pass-through table types to a Oracle 9i db
Any ideas please help
thanks in advance
Dave
View 2 Replies
View Related
Jun 10, 2015
I have recently upgraded to SQL2014 on Win2012. The Access front end program works fine.
But, previously created Excel reports with built in MS Queries now fail with the above error for users with MS 2013. The queries still work for users still using MS 2007.
I also cannot create any new queries and get the same error message. If I log on as myself on the domain to another PC with 2007 installed it works fine, so I don't think it is anything to do with AD groups or permissions.
View 6 Replies
View Related
Nov 12, 2015
We need to insert data/rows from a SQL Server 2014 database into MS Access database. The problem is, there are so many columns (100+) in the table and there are so many insert transactions of this kind (from different tables) that it is not very easy to write the code in VB.NET that lists all column names.
Both the Access and SQL Server tables have the same number of columns and the equivalent data types, so inserting is not really the problem. It's just that is there a way to do an insert statement in T-SQL that does not name all the columns?
View 3 Replies
View Related
Oct 30, 2007
Hi guys,
I've been developing desktop client-server and web apps and have used Access and SQL Server Standard most of the time.
I'm looking into using SQL CE, and had a few questions that I can't seem to get a clear picture on:
- The documentation for CE says that it supports 256 simultaneous connections and offers the Isolation levels, Transactions, Locking, etc with a 4GB DB. But most people say that CE is strictly a single-user DB and should not be used as a DB Server.
Could CE be extended for use as a multi-user DB Server by creating a custom server such as a .NET Remoting Server hosted through a Windows Service (or any other custom host) on a machine whereby the CE DB would run in-process with this server on the machine which would then be accessed by multiple users from multiple machines??
Clients PCs -> Server PC hosting Remoting Service -> ADO.NET -> SQL CE
- and further more can we use Enterprise Services (Serviced Components) to connect to SQL CE and further extend this model to offer a pure high-quality DB Server?
Clients PCs -> Server PC hosting Remoting Service -> Enterprise Services -> ADO.NET -> SQL CE
Seems quite doable to me, but I may be wrong..please let me know either ways
Thanks,
CP
View 3 Replies
View Related
Jan 14, 2007
When running the following statement in SQL 2005, I get the error message "Access is denied":
exec master.dbo.xp_cmdshell 'TYPE \SERVER-BSHAREFILE.TXT'
The following are true about the network:
The SQL Server is installed on SERVER-A.
SERVER-A and SERVER-B are Windows 2003 servers on the same Windows 2003 domain.
The SQL Server and SQL Server Agent services are running under the domain account SQLSERVICE.
SQLSERVICE is a member of the Domain Admins group.
The Domain Admins group is part of the local Administrators group on SERVER-B.
The SQLSERVICE account has also explicitly been given Full Control to the folder referenced by \SERVER-BSHARE
xp_cmdshell use has been enabled on the SQL Server.
If I run the following command in SQL:
exec master.dbo.xp_cmdshell 'whoami'the following is returned: DOMAINSQLSERVICE
If I change the command to access the c: drive instead of a network drive, it executes successfully.
Can anyone shed some light on why I still cannot access any of the files in this folder using xp_cmdshell?
Tim
View 5 Replies
View Related
Feb 22, 2008
We have an application that requires write settings to reportserver virtual directory for the IUSR account when anonymous is turned on during the install. Once the install is complete, we lock down the IUSR account so that it only has browse access to the virtual directory when enabling anonymous access.
We automate the uninstall and install of our daily builds and I'm trying to figure out if I can automated this process somehow either through command line utility or in vbs.
Your help is greatly appreciated...
Eric
View 1 Replies
View Related