|
More site info...
SQL Server Security | Forum profile
|
|
Forum profile page for SQL Server Security on http://social.technet.microsoft.com.
This report page is the aggregated overview from a single forum: SQL Server Security, located on the Message Board at http://social.technet.microsoft.com.
This forum profile page summarizes the general forum statistics such as: Users Activity, Forum Activity, and Top Authors, which are reported in either a table or graph below for a given reporting time period.
Additional forum profile information for "SQL Server Security" on the Message Board at http://social.technet.microsoft.com is also shown in the following ways:
1) Latest Active Threads
2) Hot Threads for Last Week
Warning: These statistics are generated using 'best efforts' and can experience delays and reporting errors at times. Please note that such statistics do not constitute a forum's popularity and/or exact posting volumes at any given reporting period.
|
|
|
|
|
Posting activity on SQL Server Security:
|
|
Week
|
Month
|
3 Months
|
|
Threads:
|
42
|
212
|
677
|
|
Post:
|
70
|
422
|
1,947
|
|
|
SQL Server Security Posting activity graph:
|
Top authors during last week:
user's latest post:
Question about a Load test problem
Published (2009-12-14 17:36:00)
AFAIK - A key that is opened will only be available in the current connection, and this availability will last until either the key is explicitly closed using a statement like CLOSE SYMMETRIC KEY or until the connection will end. I dont think there are other ways of overcoming the design.
user's latest post:
encrypting connections to sql...
Published (2009-12-11 07:36:00)
You may check SQL Server Error Log file %ProgramFiles%\Microsoft SQL Server\MSSQL.n\MSSQL\LOG\ERRORLOG. If your SQL Server instance used your certificate for encryption, there should be a message for this.
user's latest post:
Login failed for NT...
Published (2009-12-10 11:30:00)
If the service is running on the same server where SQL Server is running then it should work fine, else if the service is connecting to a remote server then use SQL authentication or domain account. Make sure the account is enabled and active in SQL Server
user's latest post:
ERROR SQLSTATE 42000 Error 15404
Published (2009-12-15 06:37:00)
Hi, From Raul Garcia in the other thread: http://social.msdn.microsoft.com/Forums/en-IE/sqlsecurity/thread/9dddf08e-929c-43b4-bc10-ac8f36cbb023 ----------------------- Most likely the machine account doesn’t have permission to query the AD. I would recommend requesting access to the AD administrator or change SQL Server and run the service as a low-privileged domain account that has proper permissions on the AD.
user's latest post:
Cross Database Seccurity
Published (2009-12-14 12:25:00)
Not that easy I am afraid as I need to inner join across the databases.
user's latest post:
Who logs in using "sa"...
Published (2009-12-09 07:07:00)
Profiler might work; but this solution will have performance hit. What if we read network packets on port 1433 asynchronously? I tried doing it using C# Socket programming; but it did not worked. I guess SQL Server exclusively locks that port.
user's latest post:
SQL 2005 connection
Published (2009-12-09 08:20:00)
Hi Vidhya, I did check the server and find out that update MS09-062 (SQL 2005 SP3) has been installed on this server. Any othere sugestions? Thanks, Shahin
user's latest post:
encrypting connections to sql...
Published (2009-12-11 17:25:00)
thanks that's what i was looking for. I found the log files and in it i saw an entry stating that the certificate was successfully loaded for encryption
user's latest post:
Cannot open user default...
Published (2009-12-11 05:35:00)
Could you please check wethere the default database exists or it might be set to either single user mde or restricted_user state . Cause of this issue is : Is in suspect mode. No longer exists. Is in single user mode and the only available connection is already being used by someone else or by something else. Has been detached. Has been set to the RESTRICTED_USER state. Is offline. Is set to emergency status. Does not have the login...
bdenmy- Wisdom is the principal...
2
user's latest post:
Cannot open user default...
Published (2009-12-11 08:02:00)
For Suhas V or someone else, Initially I wanted to create a password for the security of data in sql server management studio, so that the sql server management studio can not be opened by someone else, after a password set on the sql server management studio, it still can be opened without a assword. Then I started to delete login names in server name> security> logins> login names, since that I could not open the...
|
|
|
|
Latest active threads on SQL Server Security::
Started 5 days, 11 hours ago (2009-12-15 11:43:00)
by Ewan
Hi Col I expect that it's because the ownership chain isn't broken. ie the SP and the table are owned by the same user, so the proc should execute. If the ownership was different, it should fail as UserA's permissions would be checked. HTH Ewan
Started 5 days, 16 hours ago (2009-12-15 06:37:00)
by ChunSong Feng -MSFT
Hi, From Raul Garcia in the other thread: http://social. msdn.microsoft.com/Forums/en-IE/sqls ecurity/thread/9dddf08e-929c-43b4-bc10-ac8f36cbb02 3 ----------------------- Most likely the machine account doesn’t have permission to query the AD. I would recommend requesting access to the AD administrator or change SQL Server and run the service as a low-privileged domain account that has proper ...
Started 2 weeks, 3 days ago (2009-12-03 07:06:00)
by VidhyaSagar
Have you placed the file in your documents & settings or app folder, some times I have seen this.. Probably you can move the files to a command folder and provide privilege to all (especially SQL Service account).
Started 6 days, 5 hours ago (2009-12-14 17:27:00)
by Lekss
In your IIS setting try to DENY anonymous access and then try to connect to your application.
Started 6 days, 5 hours ago (2009-12-14 17:36:00)
by Lekss
AFAIK - A key that is opened will only be available in the current connection, and this availability will last until either the key is explicitly closed using a statement like CLOSE SYMMETRIC KEY or until the connection will end. I dont think there are other ways of overcoming the design.
Started 6 days, 5 hours ago (2009-12-14 17:32:00)
by Lekss
By default the data moved witll have encryption enabled on it at the destination server . As long as the DATABASE MASTER KEY and SERVER MASTER KEY are same at both the instance , you may be able to decrypt the column level data and read it , if not - you may not be able to get data from that column.
Started 6 days, 5 hours ago (2009-12-14 17:21:00)
by Lekss
I think the error should be ' password is not correct 0x80070056'. If that is the case make sure the password that you enter during the service account change is valid and correct. The passwords are case sensitive.
Started 6 days, 5 hours ago (2009-12-14 17:18:00)
by Lekss
You need to create the login in the secondary server which should have the same SID as in the primary server. You can make use of sp_helprevlogin procedure to script the login with the same SID and password, once scripted execute the script in the secondary server to create the login with same SID and password. Have the user created in the primary db with reqd access level and permissions...
Started 6 days, 10 hours ago (2009-12-14 12:02:00)
by Ana Mihalj
You need to assign the appropriate user rights in the database you are crossing to. So, if your stored procedure in Database1 select data from tableA in database2, your user also need SELECT rights on tableA in database2.
Started 10 months ago (2009-02-20 14:42:00)
by Jens K. Suessmeyer -
Tough decision:
- Have a setting in SQL where it rejects any object reference without a schema. This enforces the app to always use 2 part names (best practice). This works best when you have access to the application source code or are writing a new application.
Sure this would save all of ours lifes, but no one would ever switch that on for reasons of lazyness....
|
|
Hot threads for last week on SQL Server Security::
Started 6 days, 10 hours ago (2009-12-14 12:02:00)
by Ana Mihalj
You need to assign the appropriate user rights in the database you are crossing to. So, if your stored procedure in Database1 select data from tableA in database2, your user also need SELECT rights on tableA in database2.
Started 1 week, 2 days ago (2009-12-11 20:13:00)
by loya
I am having the same kind of permission issue...
Started 6 days, 5 hours ago (2009-12-14 17:27:00)
by Lekss
In your IIS setting try to DENY anonymous access and then try to connect to your application.
Started 1 week ago (2009-12-13 17:02:00)
by Lekss
Is the user under anyother database roles apart from the public role ? What's the version of your mssqlsystemresource database? The SQL Server error log will show this after the line showing the startup of the server.
Started 6 days, 5 hours ago (2009-12-14 17:32:00)
by Lekss
By default the data moved witll have encryption enabled on it at the destination server . As long as the DATABASE MASTER KEY and SERVER MASTER KEY are same at both the instance , you may be able to decrypt the column level data and read it , if not - you may not be able to get data from that column.
Started 6 days, 5 hours ago (2009-12-14 17:36:00)
by Lekss
AFAIK - A key that is opened will only be available in the current connection, and this availability will last until either the key is explicitly closed using a statement like CLOSE SYMMETRIC KEY or until the connection will end. I dont think there are other ways of overcoming the design.
Started 5 days, 11 hours ago (2009-12-15 11:43:00)
by Ewan
Hi Col I expect that it's because the ownership chain isn't broken. ie the SP and the table are owned by the same user, so the proc should execute. If the ownership was different, it should fail as UserA's permissions would be checked. HTH Ewan
Started 6 days, 5 hours ago (2009-12-14 17:21:00)
by Lekss
I think the error should be ' password is not correct 0x80070056'. If that is the case make sure the password that you enter during the service account change is valid and correct. The passwords are case sensitive.
Started 6 days, 5 hours ago (2009-12-14 17:18:00)
by Lekss
You need to create the login in the secondary server which should have the same SID as in the primary server. You can make use of sp_helprevlogin procedure to script the login with the same SID and password, once scripted execute the script in the secondary server to create the login with same SID and password. Have the user created in the primary db with reqd access level and permissions...
Started 2 weeks, 1 day ago (2009-12-05 17:55:00)
by Rajeev Rajendran
Use Change data capture concept. CDC capture all DML operation performed on the table.
Enable CDC at DB level and table level. Using this option you can capture all the DML operation.
|
|
Size: 313 bytes
