Is there any link where I can see how the new security model wrt
keys/certificates work ? I am looking for examples. to play around with.See my blog - a link to is in my signature.
Thanks
Laurentiu Cristofor [MSFT]
Software Development Engineer
SQL Server Engine
http://blogs.msdn.com/lcris/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Hassan" <Hassan@.hotmail.com> wrote in message
news:etpA4MdPHHA.3268@.TK2MSFTNGP03.phx.gbl...
> Is there any link where I can see how the new security model wrt
> keys/certificates work ? I am looking for examples. to play around with.
>
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Friday, March 30, 2012
Friday, March 23, 2012
Link Server
Hi,
I got "there is no security context that we could use to
verified sql server exists." How should I resolve it?
Thanks in advance!
KarenMake sure you have set up a login mapping if required on the security tab.
See sp_addlinkedsrvlogin and "Establishing Security for Linked Servers" in
BOL for more details
--
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"Karen" <k.duan@.ieee.org> wrote in message
news:086b01c3506c$56832070$a001280a@.phx.gbl...
Hi,
I got "there is no security context that we could use to
verified sql server exists." How should I resolve it?
Thanks in advance!
Karen|||I got "Error 7303: Could not initialize data source object
of OLE db provider 'Microsoft jet OLEdb 4.0'".
The two servers are in different domains. One is Windows
NT 4.0 and SQL 7; the other is Windows 2000 and sql 2000.
Is there any knowing issue about this?
Thank!
Karen|||No question is stupid question; plus you don't have
resolution too.
Karen
I got "there is no security context that we could use to
verified sql server exists." How should I resolve it?
Thanks in advance!
KarenMake sure you have set up a login mapping if required on the security tab.
See sp_addlinkedsrvlogin and "Establishing Security for Linked Servers" in
BOL for more details
--
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"Karen" <k.duan@.ieee.org> wrote in message
news:086b01c3506c$56832070$a001280a@.phx.gbl...
Hi,
I got "there is no security context that we could use to
verified sql server exists." How should I resolve it?
Thanks in advance!
Karen|||I got "Error 7303: Could not initialize data source object
of OLE db provider 'Microsoft jet OLEdb 4.0'".
The two servers are in different domains. One is Windows
NT 4.0 and SQL 7; the other is Windows 2000 and sql 2000.
Is there any knowing issue about this?
Thank!
Karen|||No question is stupid question; plus you don't have
resolution too.
Karen
Friday, March 9, 2012
Limiting a connection to an application.
Dear All,
We use NTAuthorisation. The other day we had the auditors in the other who
pointed out a problem where although security has been implelemented data ca
n
still be accessed but using a different application i.e. word excel ect
rather than our VB App.
What is the best way of changing this so that SQL will only accept
connections from a particuar application (i.e. our vb application)
TIAI suggest you check out "application roles" in Books Online.
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Patricia" <Patricia@.discussions.microsoft.com> wrote in message
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA|||Did you think about a application role ?
http://www.sqlteam.com/item.asp?ItemID=864
HTH, Jens Smeyer.
http://www.sqlserver2005.de
--
"Patricia" <Patricia@.discussions.microsoft.com> schrieb im Newsbeitrag
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
> can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA|||AFAIK, you can limit on that using Application Roles. You can take a look at
the Application roles on BOL under the title "Establishing Application
Security and Application Roles".
HTH,
Vinod Kumar
MCSE, DBA, MCAD, MCSD
http://www.extremeexperts.com
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp
"Patricia" <Patricia@.discussions.microsoft.com> wrote in message
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA
We use NTAuthorisation. The other day we had the auditors in the other who
pointed out a problem where although security has been implelemented data ca
n
still be accessed but using a different application i.e. word excel ect
rather than our VB App.
What is the best way of changing this so that SQL will only accept
connections from a particuar application (i.e. our vb application)
TIAI suggest you check out "application roles" in Books Online.
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Patricia" <Patricia@.discussions.microsoft.com> wrote in message
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA|||Did you think about a application role ?
http://www.sqlteam.com/item.asp?ItemID=864
HTH, Jens Smeyer.
http://www.sqlserver2005.de
--
"Patricia" <Patricia@.discussions.microsoft.com> schrieb im Newsbeitrag
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
> can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA|||AFAIK, you can limit on that using Application Roles. You can take a look at
the Application roles on BOL under the title "Establishing Application
Security and Application Roles".
HTH,
Vinod Kumar
MCSE, DBA, MCAD, MCSD
http://www.extremeexperts.com
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp
"Patricia" <Patricia@.discussions.microsoft.com> wrote in message
news:68B94CD5-3C40-404A-A236-40E1BF7ACD02@.microsoft.com...
> Dear All,
> We use NTAuthorisation. The other day we had the auditors in the other who
> pointed out a problem where although security has been implelemented data
can
> still be accessed but using a different application i.e. word excel ect
> rather than our VB App.
> What is the best way of changing this so that SQL will only accept
> connections from a particuar application (i.e. our vb application)
> TIA
Monday, February 20, 2012
Limit remote connections
Hi,
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I be
concerned? How other people deal with remote connections?
Thanks in advance,
Bing
Hello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan
|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I be
concerned? How other people deal with remote connections?
Thanks in advance,
Bing
Hello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan
|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
Limit remote connections
Hi,
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I b
e
concerned? How other people deal with remote connections?
Thanks in advance,
BingHello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I b
e
concerned? How other people deal with remote connections?
Thanks in advance,
BingHello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
Limit remote connections
Hi,
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I be
concerned? How other people deal with remote connections?
Thanks in advance,
BingHello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
We use SQL server 2000 on windows 2003. We usually use remote desktop to
connect to the SQL server. For security reasons, only 2 concurrent remote
desktop connections are allowed. I just noticed I'm able to use 'osql'
command to open as many connections to the SQL server as I want. Should I be
concerned? How other people deal with remote connections?
Thanks in advance,
BingHello, Bing
In my opinion, the limit of 2 concurrent remote desktop connections on
Windows 2003 is for licensing reasons, not for security reasons.
Having an unlimited number of connections to SQL Server is no cause of
concern for security reasons, as long as each connection is properly
authentificated and comes from an authorised user and/or computer.
Razvan|||On Jun 2, 1:33 pm, Razvan Socol <rso...@.gmail.com> wrote:
> Hello, Bing
> In my opinion, the limit of 2 concurrent remote desktop connections on
> Windows 2003 is for licensing reasons, not for security reasons.
> Having an unlimited number of connections to SQL Server is no cause of
> concern for security reasons, as long as each connection is properly
> authentificated and comes from an authorised user and/or computer.
> Razvan
However, you can limit the number of connections on an instance of SQL
Server, by using the "user connections" option. By default, SQL Server
allows a maximum of 32,767 user connections, but the actual number of
user connections allowed also depends on the limits of your
applications and hardware. Using the "user connections" option, you
can limit the number of connections to any desired number (less than
32,767), but this is done for performance reasons, not for security
reasons.
Razvan
Subscribe to:
Posts (Atom)