SQL Services Active IFrame Exploit
Mar 27, 2008
The problem is now, when the server auto run the sql agent, which is running sqlmgmt.exe or sqlmangr.exe in Task manager -> processes... , one of my drive (e.g. D: all *.htm, *.html, *.asp, *.aspx, *.ascx) which is setup for web hosting with sql server, all HTML related files are changing... iFrame java scipts will be added into the files...
once i stopped the sqlmgmt.exe and sqlmangr.exe... the changing stopped at the same time... so that i can recongize both .exe file will active the iFrame exploit... i dont' know if there inject on my sql server system in my server.... what should i do.... probably re-install the full sql server on my server or anyway to repair the service of the sql server??
View 3 Replies
ADVERTISEMENT
Dec 8, 2005
Hello,
I read the section related to membeship in the documentation and I have noticed that the aspnetdb.mdf file was generated on the fly. But how can I then exploit this file ? I have tried to access and create a new database with SqlServer 2005 Express but it didn't work. I manage it with the Database explorer of VWD 2005 Express, but why isn't it posssible with other database administration tools ?
Thanks a lot.
View 1 Replies
View Related
Feb 12, 2007
Any body has problems using report viewer in IFrame? Here is the observation i have....when you assign the report.Height = 400px. It is assigning the report body height to be 400px. when i say report body I mean report body only!!
The report parameters section is not included in 400px. The export, print, page navigation button sections is not in 400px either!! Given such properties, when you want to show report viewer in a pre-determined IFRAME (non-scrollable) height of 500px, part of the report and horizontal report scroll bar could disappear , if the paratemeters section is more than 100px (says >2 rows or more than 4 parameters)!!
can someone tell me how to lock the height of report viewer size that will include parameters + export,print + report body? or any workaround?
View 4 Replies
View Related
Feb 22, 2007
Hi there,
I need to understand why I am getting the following error when I run my deployed (remote) report embedded in an iframe within a page of my web application.
error:
An
error has occurred during report processing. (rsProcessingAborted)
Query
execution failed for data set 'cnMOOR'. (rsErrorExecutingCommand)For
more information about this error navigate to the report server on the local
server machine, or enable remote error
This happens when I fire the following code from a commandbutton:
AppSettingsReader cfgApp = new AppSettingsReader();
string prefix = Convert.ToString(cfgApp.GetValue("reporturlprefix", typeof(System.String)));
string reporturl = prefix + "Client&rs:Command=Render&rs:Format=HTML4.0&rc:Parameters=False&supplierid=" + Session["supplierId"].ToString() + "&clientid=" + ddlClient.SelectedItem.Value + "&startdate=" + txtStartDate.Text + "&enddate=" + txtEndDate.Text + "&ownertype=1";
SpecificClient.Attributes.Add("src", reporturl);
SpecificClient is the ID of the Iframe
on the same page I created a link - which runs the report perfectly - no permission problems.
<a href="http://server2003msrs/reportserver?/moorreports/Client&rs:Command=Render&rs:Format=HTML4.0&rc:Parameters=False&supplierid=28&clientid=71&startdate=2007-01-01&enddate=2007-02-16&ownertype=1">Test</a>
I don't understand why these two controls are behaving differently.
I'd appreciate some guidance with this as the deadline looms...
Helen
View 1 Replies
View Related
Sep 10, 2015
We have a SQL 7 and there are 11 DTS Packages present and the creation date is 2007. How can I know that these DTS Packages are active? And if they are active, what is the best way to move it to SQL 2012.
View 3 Replies
View Related
Apr 17, 2008
When we assign security in SRS, in the user name field we have to type the domainusername manually. We cannot see the drop down of all the users in Active directory. Is it possible to configure SRS to get the names from Active directory. If we add any new users to our AD, it automatically refreshes at certain set intervals.
I am talking to a similar function in Sharepoint.
I browsed through a bit on this and think it is not possible. But I want to make sure that I am on the right path.
Can you please correct me if my understanding is right?
I appreciate your help and thank you for your time,
View 3 Replies
View Related
May 23, 2007
I need to add one of our servers to active directory. I found some documents on SQL 2000 but no good document on SQL 2005. Can you please guide me to the documentation for this? Thanks
View 4 Replies
View Related
Nov 21, 2007
I hope someone can help.
I'm working on a web project that will display the reports in an iframe to the user. When I was using windows security It worked perfectly.
Now my boss wants me to use form based authentication instead that can authenticate against our current Active Directory. This is working perfectly and does authenticate correctly. The only problem is that when I load a report in the iframe http://myserver/reportserver/myreport-blah reporting services prompts the user to enter in windows credentials. Is there anyway to pass my form credentials to the report server so that the user doesn't have to log in again.
Both the report server and the web app are on the same server BUT in different virtual directories.
PS: I tried using the reportviewer control but it does not display things correctly. For example, I have use a multi select dropdown on the reports and it messes up the drop down when the user only has 1 selection (hiding the selection). If the user has more than one selection the drop down uses scroll bars. I would use the reportviewer control if it displayed exactly like it does when using alternate URL method.
Any help would be MUCH appreciated!
Thanks!
View 5 Replies
View Related
Jul 24, 2015
We have table where we want to populate the fields from Active Directory using Script Task in ssis 2008 .
CREATE TABLE [ZPTSMGR].[ActiveDirectoryRaw](
[Id] [int] IDENTITY(1,1) NOT NULL,
[LoginName] [nvarchar](50) NULL,
[LastName] [nvarchar](100) NULL,
[MiddleName] [nvarchar](50) NULL,
[FirstName] [nvarchar](100) NULL,
[code]...
View 4 Replies
View Related
Sep 14, 2006
The permissions granted to user 'xxxxyyy' are insufficient for performing this operation. When a user is deleted and then readded to active directory. Reporting services returns the insufficient permissions granted error. In dbo.users in the sql database there are 2 entries for the deleted user one with UserType 0 and another with UserType 1. How do you clean up reporting services or sql to allow the reciently re-added user to re-connect to reporting services. We use the MY-Reports option of reporting services but cannot delete the home directory for this user either in report Mgr. The same error is returned for this action.
View 1 Replies
View Related
Feb 21, 2006
I am working on the security model for an application that will be used by 100s of users with a dedicated SQL 2005 database for this application and access via SQL XML Web Services.
The client has asked to make it "open" during alpha testing such that anyone can access the web services without having to set them up first. Is there a way to do this? The best I can figure is to use mixed mode security and hard code a login and password. Any method using Windows authentication would require that I add every user at a minimum to the database.
In production, all users will have an active directory role specified that determines if they should have access to the web services or not. However, it is my understanding that to use Windows authentication, I would still need to add each individual user at a minimum as a Login to the SQL Server, and under best practices also as database users with permissions granted to the endpoint.
Am I correct in the above, or is there a more efficient way to achieve these results?
Thanks
-L
View 1 Replies
View Related
Jan 22, 2015
I have a table with the following columns employeeSessionID, OpDate, OpHour, sessionStartTime, sessionCloseTime. I need to see how many users remain active per hour. I can calculate how many logged in per hour, but I am stumped on how to count how many are active per hour. I have a single table that stores login data. I have created a query that pulls out the only the data needed from the table into a temp table using this query. Also note it is possible that the sessionCloseTime is null if the device has not been logged out this would need to be counted a active.
TABLE NAME #empSessionLog Contains the time stamp data OpDate, sessionStartTime and sessionCloseTime.
OpDatesessionStartTimesessionCloseTime
2015-01-202015-01-20 14:32:59.1302015-01-20 14:33:14.6299166
2015-01-202015-01-20 06:58:33.7302015-01-20 15:27:16.9133442
2015-01-202015-01-20 09:56:22.8402015-01-20 17:56:29.7555853
2015-01-202015-01-20 05:59:18.6132015-01-20 14:05:19.0426707
[code]....
can see how many sessions logged in per hour with the following statement:
SELECT
opDate,
FORMAT(DATEPART(HOUR, sessionStartTime), '00') AS opHour,
Count(*) AS Total
FROM #empSessionLog
Group BY opDate, FORMAT(DATEPART(HOUR, sessionStartTime), '00')
Order BY opDate, FORMAT(DATEPART(HOUR, sessionStartTime), '00') ASCResults:
opDateopHourTotal
2015-01-20041
[code]....
Where I am stuck is how do I count the sessions that remain active per hour until the session is closed with the sessionCloseTime.
View 5 Replies
View Related
Mar 5, 2008
Hi
I am having some teething problems while installing SQL on a 3 node cluster. Within the Cluster configuration I have 3 Cluster Groups with each of them having their associated disk resources. All these disk resources physically exist on a SAN.
The actual cluster is running absolutely fine and I can access all the disks from their respective owner node. The problem only starts when I start installing SQL Server 2005 on this cluster. I specify the Cluster group from the Cluster Group Selection and choose the desired partition and then the error message pops up
"There is not enough diskspace on the destination disk for the current SQL Server data files. To proceed, free up disk space to make room for data files, or install the data files to a different drive"
But the disk I am trying to install it on is 264Gb and none of it is used. I have also tried to change it to a different disk within the same Cluster group but to no avail. I have even tried to install it in a different cluster group all together but I get the same error message.
I have googled around havent found anything so far. The disks have got full permissions for the account I am installing SQL with.
Any help will be much appreciated.
Regards
Adnan
View 5 Replies
View Related
Feb 11, 2015
I am running into a weird issue with a new SQL Reporting Services 2014 server I built. I installed SQL Reporting 2014 on Windows Server 2012 R2 and configured Kerberos, but the site is extremely slow. After some reconfiguration and log captures I have determined the issue has to do with the Kerberos setup, however I am running a similar configuration with SQL Reporting Services 2008 on Windows Server 2008 R2 and do not run into the same errors.
The error I see while using Wireshark is KRB Error: KRB5KDC_ERR_BADOPTION NT Status: STATUS_NO_MATCH. When I drill down the into the error I can see the kerberos string is testprjmnmtreports14.company.com, which is the URL we are using to access the site. I made sure to add that name as an SPN for the service account that is running SQL Reporting Services, however I still receive the error.
Then I tried configuring the site to run without a hostheader, so I accessed the site with the server name, ECTSTSQLRS5, and the site works perfectly fine, no errors are reported either. So it seems I have isolated the issue down to Kerberos but I am not sure how to resolve it. Here is some more information about my environment:
DNS/URL used: testprjmnmtreports14.company.com
Server Name (FQDN): ECTSTSQLRS5.company.int
AD Domain Name: company.int
Server Version: Windows Server 2012 R2
AD Functional Level: 2008 R2
As you can see I am trying to use a .com address but my AD domain is .int which I think is the issue, but I do not have the same problem on my other server that is running Windows Server 2008 R2. What do I need to do to allow my new site on 2012 R2 to work with this DNS Alias?
View 0 Replies
View Related
May 12, 2008
Hi
I am newbie in SQL Clustering. I have set up a Windows Server Cluster with 2 nodes and am having the following problem with Physical Disk resource for cluster groups:
My Default Cluster Group (named Cluster Group) has IP Address, Network Name, Physical Disk and MSDTC resources. In addition to that my Default SQL Server instance resources are also in this group. I had this initial set up for Active/Passive mode.
Now I am trying to set up a SQL Cluster in Active/Active mode. For this I have to install another instance of SQL Server in the existing cluster and make a separate cluster group for its resources. I made a new cluster group (SQL Instance Group) with an IP Address and a Network Name resource for this new instance but I dont have any Physical Disk resource to allocate to it. As such while installing the SQL Server Instance I get stuck when I'm asked to select the quorum disk to be used.
Is it possible to configure two quorum disks, one for each group?
What's the concept of dedicated disks resource for each sql instance in a group? Is this same as the quorum disk? If this is not a shared disk how do I configure a dedicated disk resource for my second cluster group (SQL Instance Group)?
Anyone could please help me out with this?
View 12 Replies
View Related
Nov 30, 2006
Hi folks,
We are going thru the process of scoping an active/active cluster at one site.
I was wondering whether there will be any issues with mirroring (DB by DB) off the cluster into non clustered server at an alternate DRP site.
Regards, Brian
Sutherland
View 1 Replies
View Related
Mar 12, 2008
Hi all, My aim to install active/active 2 node SQL 2005 cluster. I have installed sql cluster on one mode, which automatically installed on node 2.
it works great. However When i tried to install second virtual server, it is not allowing me to install.
it says already install, can anyone tell me how to install active active cluster
View 1 Replies
View Related
Nov 2, 1999
Hi,
We are trying to set up an active/active configuration of a SQL Server
cluster, and we had a few questions.
Initially, we want to have 2 Database Servers that would share the same
Database (both reading/writing to the same tables).
However, from reading the MS docs, we find out that we can have what
they call an "active/active" configuration using a Cluster but they
need to have 2 different disk sets, i.e. having 2 separate databases.
If this assumption is correct, how does the data get synchronised
between the 2 databases (that are on the 2 different disks sets)?
Can anyone help? thanks
Axel
View 1 Replies
View Related
Oct 12, 2002
ACTIVE/ACTIVE SQL Server 2000 Cluster
This was my plan.
Physical box - box1,box2
virtual box - virtual1
i have a active/passive cluster virtual1 (primary node box1, secondary box2)
I am creating another virtual box on box2 as primary node by name virtual2)
whenever my installation setup runs my default server name is greyed out. it always requires a instance name.
Is that the way it should work?
i can only use instance for active/active failover?
please advice
View 1 Replies
View Related
Jun 29, 2004
How do I install MSDTC in an active/active MSCS cluster environment?
If I run comclust.exe, I can only activate MSDTC on one of the nodes at a time.
I need DTC on both nodes.
(Opsys is W2K with SQL 2000)
//Mange :)
View 2 Replies
View Related
Sep 27, 2005
Hello folks,
have you ever heard of an Active/Active SQL Sever 2000 Cluster deployed in a pure OLTP environment?
Some 8 years ago I have learned about a bespoke solution for the SAP ERP system (not the BW!) with DB2 Parallel Server for a huge German company. Then again, I would expect that Oracle RAC might fit into an OLTP environment, although I never heard about a real world implementation.
All this led me to believe clustering is good for failover purposes, and for decision support services, not quite for OLTP applications.
So if you see a point in Active/Active Clustering and OLTP please come forward and explain.
Cheers,
Johann
P.S: For those of you who want to know: Consultants from www.hiltes.com want us to deploy an Active/Active Cluster for their Fashion 3000 Net stock software.
View 6 Replies
View Related
Mar 22, 2007
We run several SQL 2000 SP4 instances on IA64 active/active cluster. The OS we run with is Windows Server 2003 SP1. We have different network cards : 2 network cards teamed for production purposes in domain X and 1 network card dedicated for problem solving in domain Y.
First we configured the cluster with only the 2 teamed network cards for production purposes in domain X. Later we introduced the second network card for problem solving in domain Y.
Everything looks fine. The (virtual) SQL instance listens on two different IP adresses on TCP port 1034. If we try to make connection via isql, EM or Query analyzer than we can directly contact the SQL instance from a workstation/server within domain X but this doesn't work form a workstation/server within domain Y. However if we use the specific TCP port in the connection in domain Y the connection is setup. We wish however not to use explicit TCP ports in setting up connections.
Has anyone experienced the same problem before or has anyone an idea how to solve the problem?
View 1 Replies
View Related
Jun 8, 2007
I have a 2005 active/active cluster and want to apply SQL server 2005 SP2 to both node.
I know that for active/passive , the sp can simple be installed on the active node(instance) and everything will be replicated to the other node.
bear in mind what I have SSIS and SSAS and SSRS running on the active/active cluster.
what is the rigth method for applying the SP to activeactive cluster?
Thanks
View 1 Replies
View Related
Mar 5, 2001
Hi
While configuring an active / active cluster, do I need to run the SQL setup on both nodes?
The SQL2K setup installs binaries on localdisks of both nodes - hence the question.
thanks
Liju
View 3 Replies
View Related
Feb 22, 2000
I have setup an active/active clustering environment for SQL Server, however it is 2 seperate virtual servers. How can I set them up to exist as one virtual server containing both active installations? Can this be done? I have two compaq 8500 w/8 processors each. I need to be able to cluster these configurations to take advantage of all 16 processors in one virtual SQL Server. Can it be done?
If you can answer these questions, you will have my undying gratitude.
Thanks in advance.
View 1 Replies
View Related
Sep 21, 2000
Hi
I am running some tests on SQL7 in an active/active cluster and have a couple of queries
1. When I create an ODBC DSN, why is the "Use the Failover SQL Server if the primary SQL Server" checkbox disabled
2. To test, I was running SQL queries from Access over the DSN created. When the Primary Server went down, I had to reconnect to re run the query - Is this normal?
3. Can someone point me to any documentation on the above scenario that would shed some more light?
Thanks
Liju
View 5 Replies
View Related
Oct 26, 1999
I currently have a two node HP hardware active/active cluster server. Running windows NT 4.0 Enterprise and dSQL server 6.5 sp 3. I want to upgrade the cluster to SQL 7. I would like to know if anyone ran into any problems or has sucessfully attempted this.
Also I read a few months ago about a gottcha involving NT sp4 and SQL sp5a that would prevent a node from failing over. Has this been corrected and does it affect SQL 7.
thanks
View 1 Replies
View Related
Sep 27, 2002
Hi
Is there anyone who knows where I can get some information about
installing an ACTIVE/ACTIVE SQL 2000 Cluster server (MSCS).
I have no problem setting up an active/passive failover cluster.
Where can I get more information? Do I need two instances? Two databases?
What's the difference between active/active and active/passive?
Thanks!
View 2 Replies
View Related
Jan 20, 2004
Hello, Can anyone please explain how the failover processes works on a sql server 2000 2 node active/active cluster.
Given the following
You have 2 node active/active cluster NodeA & NodeB
Question
1. How many SQL instances need to be installed on each node?
2. If the answer to question #1 is one instance per node, then
say if NodeA fails NodeB will take over all the resources of NodeA
including the master database, How does that work , how can once instance (in nodeB) handle two master database i.e its own master database and the one taken over from NodeA.
View 1 Replies
View Related
May 18, 2008
Hi,
I've just setup an 2 node active/active sql cluster (my first). Both servers have exactly the same specification, 16GB of RAM each and SAN attached. My question is, how do I configure the min and max memory for each sql instance. I've read some where that I need to follow the 20-40-40 rule as, 20% for the OS, 40% for the active sql instance on the node and the other 40% is for the other sql instance if it fails over. Are there any other gotcha that I need to be aware of? Can someone share some light with me in regards to this? Thanks
Ken
View 4 Replies
View Related
Jul 3, 2007
We have an active/active node setup with SQL 2005. Does anyone have any samples of VBS I could use to see what node is actually taking requests at a certain time? What I want to determine is what the actual active node is.
Thanks.
View 1 Replies
View Related
May 18, 2006
I want to host 2 seperate SQL databases and wanted to know if it would be possible to run this in an active active cluster config which each database running on a different server.
The clustering would be there in the event of failure of one of the servers but for normal operation the two sql instances would be completely seperate.
Is this configuration possible and would this give the best performance and resiliance from a 2 server setup.
What do you think?
View 4 Replies
View Related
Jun 3, 2007
Help, I have an active/active cluster with SQL2k5 Ent with SP2 installed on node1 that is currently running live apps, I need to add the 2nd node to have fail over functionality but if I use the Change Install from Add or Remove Programs on the primary node to add the 2nd node I get the following error.
"The File 'c:....SqlRun_SQL.ms' is not a valid installation package for the product Microsoft SQL Server 2005(SQL2K5VVS01). Try to find the installation package 'SqlRun_SQL.msi' in a folder from which you can install Microsoft SQL Server 2005(SQL2K5VVS01).
No I assume this is because node 1 has had service pack two applied. Does anyone have instructions how I can add node two without having to completely uninstall Node 1, as the doc€™s with SQL2005 SP2 say it can not be removed, a complete uninstall of 2005 must be done???
View 3 Replies
View Related
