Scheduled Backup For Encryption Keys
Oct 29, 2007
Is there a way to schedule the backup of encryption keys periodically?
Thanks
Karthika
ADVERTISEMENT
Encryption Keys Backup Option Is Disabled
Jan 23, 2008
I just installed Reporting Services (2005) in a "distributed installation" mode. That is, I have sql server 2005 on a separate server. I installed the Report Server on its own server where I already had IIS running.
That all seemed to go well and I didn't get any errors or anything. After the install process was done, I ran the RS Configuration Manager tool. Since "Install but do not configure" option was automatically selected for me, I started working through all the pages from top to bottom. Again everything worked, and I have green checkboxes next to all of the nodes in the left except...
When I get to the Encryption Keys page, it has a blue exclamation icon next to its icon in the left pane. On the page itself, the Backup and Change buttons are disabled, greyed out.
And, the next item down, Initialization, is shown with a greyed out "x" icon. It's not red, but greyed out.
So, I'm not sure what this all means, but I'm guess it means that I don't have RS set up yet...! Any help would be greatly appreciated.
-- M Noreen
Encryption - Importing Keys
Oct 12, 2006Is it possible to load data into MSSQL 2005 that has been encrypted externally with a symmetric key algorithm, such as AES, and then import the key to SQL Server? After browsing through Books Online, I don't see any way to import a symmetric key from an external file, but maybe I'm missing something.
View 3 Replies View RelatedData Encryption And Keys
Jan 25, 2007Hi,
I would like to encrypt data in my database. I want encrypted column value to be viewable only for certain group of users. Users that has access to my database doesn't meant they can access to my encrypted data.
Currently, I am using the following "approach" as my key management.
create master key encryption by password= 'MasterKeyPass'
CREATE ASYMMETRIC KEY MyAsymmKey AUTHORIZATION MyUser
WITH ALGORITHM = RSA_1024
ENCRYPTION BY PASSWORD ='MyAsymmPass'
CREATE SYMMETRIC KEY MySymmKey WITH ALGORITHM = DES
ENCRYPTION BY ASYMMETRIC KEY MyAsymmKey
My data will be encrypted using Symmetric key MySymmKey.
User who want to access my data must have MasterKey and MyAsymmKey password.
Is it OK? Any better way?
Thank you
Symmetric Encryption By Asymmetric Keys
Nov 9, 2007i've getting ready to implement encryption on a rather large database. I'd read that if performance is of utmost concert, you should use symmetric keys. I want to encrypt those keys by asymmetric keys. My code is working, but i'm just not sure if there is a quicker way? do you have to open and close the key each time you select/update/insert in a stored procedure that references an encrypted column, or is there a way to just modify the code by adding the encryptbykey/decryptbykey functions?
has anyone implemented encryption on columns in large tables? any suggestions for me?
Thanks,
Pete
here's my code to create the keys:
create asymmetric key ASK_Auto_Encrypt
with algorithm = RSA_512;
create symmetric key SK_AE
with algorithm = TRIPLE_DES
encryption by asymmetric key ASK_Auto_Encrypt;
here's my code to test this:
create table encryption_test (test varchar(50));
open symmetric key SK_AE
decryption by asymmetric key ASK_Auto_Encrypt;
insert into encryption_test
select encryptbykey(key_guid('SK_AE'),'test');
select convert(varchar(max),decryptbykey(test)) from encryption_test;
close symmetric key SK_AE;
2005 Encryption - Symmetric Keys
May 29, 2006
Hi There
We have been playing around with encryption in 2005. I cannot find a BOL topic that discusses dropping encryption objects such as keys.
We do the followign steps:
Create master key with password, then we create a certificate using the master key, we then create a symmetric key using this certificate and encrypt data columns.
But what i find worrying is that you can then drop the symmetric key , there are no warnings that you have objects dependant on this key for decryption.
Once you have dropped the key you cannot decrypt the data anymore?
Also the key defults the expiration date to 1 year.
WHat happens after 1 year when you have encrypted data and an expired key, or someone drops the key ? How can you ever decrypt the data after that ?
You can backup master keys nd certificates but not symmetric keys?
It seems to be that youc an very easily orphan encrypted data by the loss of the symmetric key for whatever reason, is this correct ?
Thanx
SQL 2005 Encryption - Symmetric Keys
Feb 14, 2007I have a question about the storage of symmetric keys in SQL Server 2005 due to the fact that I have read two conflicting statements on this.
In Laurentiu's blog located at http://blogs.msdn.com/lcris/archive/2005/10/14/481434.aspx, in regards to preventing symmetric key loss he makes the statement that "...Because the keys are stored in the database, they will be saved with the database....".
But in the white paper Improving Data Security by Using SQL Server 2005, which is located at http://www.microsoft.com/technet/itshowcase/content/sqldatsec.mspx, in regards to symmetric keys the statement is made "...Note: The symmetric key is not stored in the database. Only the encrypted values of the symmetric key are stored in the database. Therefore, users who can access the database cannot decrypt the data without first decrypting the symmetric key....".
So I am just wondering which statement is correct, are symmetric keys stored in the database or not?
Thanks!
Ginny
Primary/Foreign/Identity Keys && Encryption
Nov 2, 2006Hi all!
I'm just getting my feet wet with how encryption works in SQL 2005. With regards to the encryption of primary / foreign keys, I'm not entirely clear on the best approach. Below are three examples of typical table structures I currently have:
== Customers table ==
CustomerID (PK, int, Identity)
CustomerName (varchar)
== Orders table ==
OrderID (PK, int, Identity)
CustomerID (int, foreign key)
CreditCardNumber (varchar)
== OrderDetails table (1 to Many) ==
OrderID (PK/FK, int)
ItemNumber (PK, int)
ItemDescription (varchar)
The Customers and Orders tables use identity values as their primary keys. From what I can tell, CustomerID in the Customers table cannot be encrypted and OrderID in the Orders table cannot be encrypted because they are identity values. In these cases, would it be safer (in terms of security) to create a separate, meaningless identity key column in the Customers table and then remove the identity attribute from CustomerID so I can encrypt CustomerID?
Similarily in the OrderDetails table, OrderID and ItemNumber form a composite key. These values are important in that I don't want them to be tampered with. Am I better off creating a separate identity key column which becomes the table's primary key ... then encrypt both the OrderID and ItemNumber columns in this table?
Any ideas are appreciated.
Thank you,
Ben
Managing And Rotating Keys For Encryption For Many SQL Servers
Aug 15, 2007There is all kinds of great info out there about the mechanics behind column level encryption in SQL2005, but it all seems to assume I only have 1 or 2 database servers. If I am using an X509 certificate to encrypt my data, it looks as if I can script the administration of this fairly easily.
But what if I have 1000 SQL Servers?
Is there any guidance/best practices/tools out there that will help me manage the 1000 certificates that I would need to deploy in such a scenario. Also, what if I need to 'rotate' the certificates for some reason. Can a PKI for the domain help me to automate and manage this?
It seems as if the management of these certificates is purely 'manual' at this point.
Thanks for any help,
...Andrew
SQL Server Admin 2014 :: Using Column Encryption With Symmetric Keys
Jun 25, 2015I am trying to implement the column encryption on one of the tables, have used the below link as the reference and got stuck at the last step.
[URL] ....
I have completed the following steps so far.
- CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘myStrongPassword’
- CREATE CERTIFICATE MyCertificateName
WITH SUBJECT = 'A label for this certificate'
- CREATE SYMMETRIC KEY MySymmetricKeyName WITH
IDENTITY_VALUE = 'a fairly secure name',
ALGORITHM = AES_256,
[Code] .....
Example by using the function
EXEC OpenKeys
-- Encrypting
SELECT Encrypt(myColumn) FROM myTable
-- Decrypting
SELECT Decrypt(myColumn) FROM myTable
When I ran the last command :
-- Decrypting
SELECT Decrypt(myColumn) FROM myTable
I get the following error :
Msg 257, Level 16, State 3, Line 2
Implicit conversion from data type nvarchar to varbinary is not allowed. Use the CONVERT function to run this query.
Where will I use the convert function, in decrypt function or in select statement?
Scheduled Backup
Mar 1, 2002Hi,
I am trying to do an automatic backup of my database and for some reason it does not do it.
I have it set to backup daily at 4:00 pm.
Please let me know if you know why it is not backing up on it's own.
The Server manager is on always and a manual backup is not a problem for me,
only the automatic.
Thanks very much.
Scheduled Backup
Jun 16, 2008How is make automation with the Scheduled Backup as per the system date and time through ssis.. its very urgent..
View 2 Replies View RelatedBackup Encryption 101
Nov 21, 2014Any simple summary of the new backup encryption? I've found a small handful of articles, but apparently I have some sort of mental block where keys and certs are involved.I'm trying to determine if this is a viable replacement (for our purposes) for SQL Backup, which we started using primarily for the compression and encryption. We don't have issues with SQL Backup, I'd rather not install additional utilities for native functionality.
What I can't seem to understand is how one goes about restoring an encrypted backup onto another server. When one restores the master key onto the destination server, what happens to the existing key on that server?
Right now, we have backups off-site in third-party storage, and all we need to restore is the .sqb and the password (and the SQB converter). With native encryption, we need the .bak, the keys, the cert, and the password?
Scheduled Job To Backup A Table
Jul 1, 2001Hi,
I am trying to schedule a job that will backup a table in my database, based on the name which has TABLENAME_mm_yyy that is 3 months old, then delete the table. Basically it is for archiving purposes, with the backup to be held on NT backup for another 12 months, just in case. Can anyone give me sugestions on how to do this - maybe alternatives?
Each monthly table has approx 4 million rows, that are rarely looked at. With other databases competing for space/resources, the thought was to remove these old tables monthly, with the ability to 'restore' them easily if/when required.
Any help or suggestions would be very much appreciated.
Scheduled CREATE BACKUP
Jan 7, 2008i want to know how can i run a CREATE BACKUP stored procedure using windows 2003 scheduled task on a specefic time?
View 5 Replies View RelatedBackup && Restore Encryption Key
Jan 16, 2006Hello!
I started Configure Report Server (2005) and have executed backup of the encryption key.
Problem occurred on restore of the encryption key as following error (I have provided correct backup snk):
ReportServicesConfigUI.WMIProvider.WMIProviderException: The version of the report server database is either in a format that is not valid, or it cannot be read. The found version is 'C.0.8.39'. The expected version is 'C.0.8.40'. To continue, update the version of the report server database and verify access rights. (rsInvalidReportServerDatabase)
at ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.ThrowOnError(ManagementBaseObject mo)
at ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.RestoreEncryptionKey(Byte[] encryptedBytes, String password)
ReportingServer sites stop working with similar error (browsing by IE):
The found version is 'C.0.8.39'. The expected version is 'C.0.8.40'. To continue, update the version of the report server database and verify access rights. (rsInvalidReportServerDatabase)
ReportingServer services are all locked by this.
Can you please tell how to resolve this problem?
Thank you very much!
vbrada
Database Backup With Encryption
Jun 7, 2007Hi,
I want to backup my database at regular intervals and encrypt it. Also I want to verify the back up. How do I do it?
I want the back ups to run every fortnight.
Thanks.
Scheduled Transaction Log Backup Failed
Aug 16, 2006Hi Greeting,
Sql sever7
OS winNT
We have scheduled transaction log backup for user database to run every one hour. Now the transaction has failed. it gives out put
[12] Database oas: Delete Old Backup Files...
Unable to delete file E:mssql7 logsoasoas_tlog_200608111300.TRN. 0 file(s) deleted.
When we try to delete the file manully, we get alert message "can not delelte the file as it is in use."
Please suggest how to solve this.
Awating for reply
Thanks in Advance
Adil
Scheduled Backup Silently Fails
Jul 20, 2005I am running a SQL Server 2000 installation with several databases. Eachdatabase and log is backed-up using a maintenance plan.The scheduled maintance plan for the latest database does not run, butdisplays no error. There is no entry in the job history. The same thinghappens when I try to run the individual jobs from Enterprise Manager.I've checked the database recovery model (full), the location of the backupfiles (same as the other databases), and just about everything else I canthink of. The scheduled maintenance plan for every other database runs asit should.What am I missing?ThanksIain
View 6 Replies View RelatedReport Services Backup Encryption Key
Mar 11, 2008
I'm trying to backup the Encryption Key for the Reporting Services. After I insert the password / location key file and click Ok, I get the following error:
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ReportServicesConfigUI.WMIProvider.WMIProviderException: An unknown error has occurred in the WMI Provider. Error Code 80070A91
---> System.Runtime.InteropServices.COMException (0x80070A91): Password doesn't meet the requirements of the filter dll's
(Exception from HRESULT: 0x80070A91)
--- End of inner exception stack trace ---
at ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.ThrowOnError(ManagementBaseObject mo)
at ReportServicesConfigUI.WMIProvider.RSReportServerAdmin.BackupEncryptionKey(Byte[]& encryptedBytes, String password)
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I have tried with diferents passwords but none of them is ok. I don't have any rule on local windows password policy!
Any suggestions?
Thanks!
MD.
Trouble With Encryption Key - Have Had To Restore Backup Several Times
Feb 7, 2008Hello all - I have an installation of SQL Server 2K5 Express with Reporting Services on an XP Pro SP2 PC. It has been running for about 6 months now. Within the 1st month, I had to restore the Encryption Key (the Report Manager failed to function properly).
All had been well until last week, when I had to restore the encryption key (for the same reason). After restoring the encryption key, the Report Manager immediately started to work again.
It happened again today, so I had to once again restore the encryption key. Can anyone offer any ideas as to why/how this would happen?
Thanks!
Scheduled Backup Suddenly Started Giving Errors
Oct 19, 2007
Hi,
I have scheduled full backup daily at morning 6:00. It was running fine till yesterday. Suddenly today morning it failed giving following error....
I have executed maintenance plan manually and again it gave same error....
10/19/2007 11:03:10,FullDBBackup.Subplan_1,Error,1,*****,FullDBBackup.Subplan_1,Subplan_1,,Executed as user: ****SYSTEM. ...9.00.3042.00 for 32-bit Copyright (C) Microsoft Corp 1984-2005. All rights reserved. Started: 11:03:10 AM Error: 2007-10-19 11:03:10.98 Code: 0xC0010018 Source: Back Up Database (Full) Description: Error loading a task. The contact information for the task is "Back Up Database Task; Microsoft Corporation; Microsoft SQL Server v9; ? 2004 Microsoft Corporation; All Rights Reserved;http://www.microsoft.com/sql/support/default.asp;1". This happens when loading a task fails. End Error Error: 2007-10-19 11:03:11.25 Code: 0xC00291EC Source: {C7FB73D1-ADF1-42C0-B3D5-9F8014CC206B} Execute SQL Task Description: Failed to acquire connection "Local server connection". Connection may not be configured correctly or you may not have the right permissions on this connection. End Error Warning: 2007-10-19 11:03:11.25 Code: 0x80019002 Source: OnPreExecute Description: SSIS Warning Code DT... The package execution fa... The step failed.,00:00:01,0,0,,,,0
Pls help me as daily backups are very crucial to me...
DB Engine :: Backup Encryption With Compression With Date Format
Jul 31, 2015Current am using the below script it is working fine i need use ENCRYPTION script where i should add this
NOREWIND, NOUNLOAD, COMPRESSION,
ENCRYPTION(ALGORITHM = AES_256,
SERVER CERTIFICATE = [BackupCertificate]), STATS = 10
USE [master]
GO
[code]...
SQL Security :: Encryption 2005 - User Defined Function For Encryption And Decryption
Oct 7, 2015I have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.
best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.
SELECT ID FROM table WITH (NOLOCK)
WHERE dbo.DecodeFunction(column) = 'value'
When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.
SQL Server Admin 2014 :: Restoring A Database Even If No Database Or Backup Encryption
Sep 3, 2014I did tried the encryption on server "A" for database "AdventureWorks2012". Then I tried to restore to server "B". There was the certificate issue, and I thought "of course : it's encrypted ! Let's deactivate it". So here I go "ALTER DATABASE AdventureWorks2012 SET ENCYRPTION OFF".I look at sys.databases : not encrypted.I backup using no encryption, I verify using msdb.dbo.backupset : not encrypted.
I move my backup to my other server where encryption was never configured (so no certificate, nothing...), and I have the error :
Msg 33111, Level 16, State 3, Line 1
Cannot find server certificate with thumbprint '0xFA130E58C999C4919B8975999C83A75A403B11D8'.
Msg 3013, Level 16, State 1, Line 1
RESTORE DATABASE is terminating abnormally.
Creating Inter-table Relationships Using Primary Keys/Foreign Keys Problem
Apr 11, 2006Hello again,
I'm going through my tables and rewriting them so that I can create relationship-based constraints and create foreign keys among my tables. I didn't have a problem with a few of the tables but I seem to have come across a slightly confusing hiccup.
Here's the query for my Classes table:
Code:
CREATE TABLE Classes
(
class_id
INT
IDENTITY
PRIMARY KEY
NOT NULL,
teacher_id
INT
NOT NULL,
class_title
VARCHAR(50)
NOT NULL,
class_grade
SMALLINT
NOT NULL
DEFAULT 6,
class_tardies
SMALLINT
NOT NULL
DEFAULT 0,
class_absences
SMALLINT
NOT NULL
DEFAULT 0,
CONSTRAINT Teacher_instructs_ClassFKIndex1 FOREIGN KEY (teacher_id)
REFERENCES Users (user_id)
)
This statement runs without problems and I Create the relationship with my Users table just fine, having renamed it to teacher_id. I have a 1:n relationship between users and tables AND an n:m relationship because a user can be a student or a teacher, the difference is one field, user_type, which denotes what type of user a person is. In any case, the relationship that's 1:n from users to classes is that of the teacher instructing the class. The problem exists when I run my query for the intermediary table between the class and the gradebook:
Code:
CREATE TABLE Classes_have_Grades
(
class_id
INT
PRIMARY KEY
NOT NULL,
teacher_id
INT
NOT NULL,
grade_id
INT
NOT NULL,
CONSTRAINT Grades_for_ClassesFKIndex1 FOREIGN KEY (grade_id)
REFERENCES Grades (grade_id),
CONSTRAINT Classes_have_gradesFKIndex2 FOREIGN KEY (class_id, teacher_id)
REFERENCES Classes (class_id, teacher_id)
)
Query Analyzer spits out: Quote: Originally Posted by Query Analyzer There are no primary or candidate keys in the referenced table 'Classes' that match the referencing column list in the foreign key 'Classes_have_gradesFKIndex2'. Now, I know in SQL Server 2000 you can only have one primary key. Does that mean I can have a multi-columned Primary key (which is in fact what I would like) or does that mean that just one field can be a primary key and that a table can have only the one primary key?
In addition, what is a "candidate" key? Will making the other fields "Candidate" keys solve my problem?
Thank you for your assistance.
Creating Indexes On Columns That Are Foreign Keys To Primary Keys Of Other Tables
Jul 16, 2014what the best practice is for creating indexes on columns that are foreign keys to the primary keys of other tables. For example:
[Schools] [Students]
---------------- -----------------
| SchoolId PK|<-. | StudentId PK|
| SchoolName | '--| SchoolId |
---------------- | StudentName |
-----------------
The foreign key above is as:
ALTER TABLE [Students] WITH CHECK ADD CONSTRAINT [FK_Students_Schools]
FOREIGN KEY([SchoolId]) REFERENCES [Schools] ([SchoolId])
What kind of index would ensure best performance for INSERTs/UPDATEs, so that SQL Server can most efficiently check the FK constraints? Would it be simply:
CREATE INDEX IX_Students_SchlId ON Students (SchoolId)
Or
CREATE INDEX IX_Students_SchlId ON Students (SchoolId, StudentId)
In other words, what's best practice for adding an index which best supports a Foreign Key constraint?
Generate Script For Primary Keys And Foreing Keys
May 16, 2008
Pls let me know How I generate script for All primary keys and foreign keys in a table. Thereafter that can be used to add primary keys and foreign keys in another databse with same structure.
Also how I script default and other constraints of a table?
Urgent !!!!! Nee Explanation On Primary Keys And FK Keys
Jul 15, 2002Can somebody explain to me how to best do inserts where you have primary keys and foreign keys.l'm battling.
Is there an article on primary keys/Pk ?
Foreign Keys - On Which Kind Of Keys Do The Base On?
Nov 22, 2007Hello!I have a table A with fields id,startdate and other fields. id and startdateare in the primary key.In the table B I want to introduce a Foreign key to field id of table A.Is this possible? If yes, which kind of key I have to build in table A?Thx in advance,Fritz
View 6 Replies View RelatedAuto Incremented Integer Primary Keys Vs Varchar Primary Keys
Aug 13, 2007Hi,
I have recently been looking at a database and wondered if anyone can tell me what the advantages are supporting a unique collumn, which can essentially be seen as the primary key, with an identity seed integer primary key.
For example:
id [unique integer auto incremented primary key - not null],
ClientCode [unique index varchar - not null],
name [varchar null],
surname [varchar null]
isn't it just better to use ClientCode as the primary key straight of because when one references the above table, it can be done easier with the ClientCode since you dont have to do a lookup on the ClientCode everytime.
Regards
Mike
BACKUP LOG Cannot Be Performed Because There Is No Current Database Backup. BACKUP LOG Is Terminating Abnormally.
Jan 31, 2008
Hi there
I'm getting this message on my third automated backup of the transaction logs of the day. Both databases are in full recovery mode, both successfully backed up at 01.00. The transaction logs backed up perfectly happily at 01:30 and 05:30, but failed at 09:30.
The only difference between 05:30 and 09:30's backups is that the log files were shrunk at 08:15 (the databases in question are the ones that sit under ILM2007, and keeping the log files small keeps the system running better).
Is it possible that shrinking the log files causes the database to think that there hasn't been a full database backup?
Thanks
Jane
Scheduled DTS
Jul 23, 2005Hi!I scheduled a DTS-Import from MySQL, whenever I run it manually(Right-Click on the DTS package) it runs through without any problems.But firing it by a schedule doesn't work!?Just to exclude any issues regarding users/roles, I created a DTS toexport files to my desktop to an EXCEL-sheet. Manually export as wellas scheduled export works fine.My Application Log shows me following error message:Event Type:WarningEvent Source:SQLSERVERAGENTEvent Category:Job EngineEvent ID:208Date:6/8/2005Time:10:05:02 AMUser:N/AComputer:*****Description:SQL Server Scheduled Job 'ImportFromMySQL'(0xC89612CE034F6642BD585B048DBC0F06) - Status: Failed - Invoked on:2005-06-08 10:05:02 - Message: The job failed. The Job was invoked bySchedule 22 (ImportFromMySQL). The last step to run was step 1(ImportFromMySQL).Anybody know what's wrong!?
View 11 Replies View Related