<a href="http://g.adspeed.net/ad.php?do=clk&zid=15220&wd=468&ht=60&pair=as" target="_blank"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15220&wd=468&ht=60&pair=as" alt="i" width="468" height="60"/></a>
Log in
::
Register
::
Not logged in
Home
Tags
Articles
Editorials
Stairways
Forums
Scripts
Videos
Blogs
QotD
Books
Ask SSC
SQL Jobs
Training
Authors
About us
Contact us
Newsletters
Write for us
<a href="http://g.adspeed.net/ad.php?do=clk&zid=15491&wd=120&ht=300&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=15491&wd=120&ht=300&pair=as" alt="i" width="120" height="300"/></a>
Recent Posts
Recent Posts
Popular Topics
Popular Topics
Home
Search
Members
Calendar
Who's On
Home
»
Article Discussions
»
Article Discussions by Author
»
Discuss content posted by Jonathan Kehayias
»
Trading in xp_cmdshell for SQLCLR (Part 1) -...
137 posts, Page 13 of 14
««
«
10
11
12
13
14
»»
Trading in xp_cmdshell for SQLCLR (Part 1) - List Directory Contents
Rate Topic
Display Mode
Topic Options
Author
Message
Lempster
Lempster
Posted Thursday, August 23, 2012 9:43 AM
UDP Broadcaster
Group: General Forum Members
Last Login: Yesterday @ 8:40 AM
Points: 1,450,
Visits: 760
I don't know if anyone is still looking at this old thread - I've got a huge backlog of SQLServerCentral emails to work through - but I just wanted to thank all the contributors for a great discussion.
And thanks to Jonathan for the original article. I have not seen a better introduction to the use of CLRs and even though I have not used one myself up until now I will certainly be more open-minded to the use of them from now on.
Kudos to Jeff too for being gracious enough to take the time to properly investigate the use of a method that he would personally avoid.
Personally I do not have xp_cmdshell enabled, but use a stored procedure to create a self-deleting SQL Server Agent job to invoke xp_cmdshell, do whatever is necessary, e.g. file system manipulation, bcp and then exit.
Latterly I've also been looking at using PowerShell to carry out O/S tasks as I'm of the opinion that such tasks should be outside of the remit of T-SQL... at least until/unless MS add some proper file manipulation functions to T-SQL as one of the previous posts mentioned...can't remember which, sorry.
Anyway, a great debate that perfectly demonstrates the power of these forums and that we can all learn from each no other no matter how set in our ways we may be.
Regards
Lempster
Post #1349218
Jeff Moden
Jeff Moden
Posted Thursday, August 23, 2012 1:50 PM
SSC-Dedicated
Group: General Forum Members
Last Login: Today @ 2:32 PM
Points: 32,906,
Visits: 26,792
Lempster (8/23/2012)
I don't know if anyone is still looking at this old thread - I've got a huge backlog of SQLServerCentral emails to work through - but I just wanted to thank all the contributors for a great discussion.
And thanks to Jonathan for the original article. I have not seen a better introduction to the use of CLRs and even though I have not used one myself up until now I will certainly be more open-minded to the use of them from now on.
Kudos to Jeff too for being gracious enough to take the time to properly investigate the use of a method that he would personally avoid.
Personally I do not have xp_cmdshell enabled, but use a stored procedure to create a self-deleting SQL Server Agent job to invoke xp_cmdshell, do whatever is necessary, e.g. file system manipulation, bcp and then exit.
Latterly I've also been looking at using PowerShell to carry out O/S tasks as I'm of the opinion that such tasks should be outside of the remit of T-SQL... at least until/unless MS add some proper file manipulation functions to T-SQL as one of the previous posts mentioned...can't remember which, sorry.
Anyway, a great debate that perfectly demonstrates the power of these forums and that we can all learn from each no other no matter how set in our ways we may be.
Regards
Lempster
Very cool feedback all around.
As a bit of a sidebar, I use XP_CmdShell to run PowerShell.
It's quite safe to do if the system is properly locked down (only DBAs have SA privs and no one has proxy rights to run xp_CmdShell directly... only via stored procedures they've been granted privs to).
--Jeff Moden
"
RBAR
is pronounced "ree-bar" and is a "Modenism" for "
R
ow-
B
y-
A
gonizing-
R
ow".
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Post #1349337
Charles Kincaid
Charles Kincaid
Posted Thursday, August 23, 2012 6:43 PM
Right there with Babe
Group: General Forum Members
Last Login: Friday, May 17, 2013 9:18 AM
Points: 772,
Visits: 1,825
As for not having the source code, that might not be as big of a thing as you think. If you can extract the assembly as a file then you can the go ask the good folks at Red Gate. They have a fine product that helps with Dot Net assemblies.
ATB
Charles Kincaid
Post #1349409
rmechaber
rmechaber
Posted Friday, August 24, 2012 8:17 AM
SSChasing Mays
Group: General Forum Members
Last Login: Wednesday, May 15, 2013 7:43 AM
Points: 656,
Visits: 2,921
Jeff Moden (8/23/2012)
As a bit of a sidebar, I use XP_CmdShell to run PowerShell.
It's quite safe to do if the system is properly locked down (only DBAs have SA privs and no one has proxy rights to run xp_CmdShell directly... only via stored procedures they've been granted privs to).
Jeff, would you be willing to elaborate on this, maybe with a link or two? Specifically, I'm interested in how you control proxy rights to xp_CmdShell (to prevent ad hoc use) and if there's anything in particular needed when building stored procedures to execute it?
Thanks very much,
Rich
Post #1349697
Jeff Moden
Jeff Moden
Posted Friday, August 24, 2012 10:03 AM
SSC-Dedicated
Group: General Forum Members
Last Login: Today @ 2:32 PM
Points: 32,906,
Visits: 26,792
rmechaber (8/24/2012)
Jeff Moden (8/23/2012)
As a bit of a sidebar, I use XP_CmdShell to run PowerShell.
It's quite safe to do if the system is properly locked down (only DBAs have SA privs and no one has proxy rights to run xp_CmdShell directly... only via stored procedures they've been granted privs to).
Jeff, would you be willing to elaborate on this, maybe with a link or two? Specifically, I'm interested in how you control proxy rights to xp_CmdShell (to prevent ad hoc use) and if there's anything in particular needed when building stored procedures to execute it?
Thanks very much,
Rich
I have a demo script at home that I could share. I'll post it tonight.
--Jeff Moden
"
RBAR
is pronounced "ree-bar" and is a "Modenism" for "
R
ow-
B
y-
A
gonizing-
R
ow".
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Post #1349788
robert.baker 21596
robert.baker 21596
Posted Wednesday, October 03, 2012 4:51 AM
Forum Newbie
Group: General Forum Members
Last Login: Wednesday, December 19, 2012 3:19 AM
Points: 2,
Visits: 6
Hi there
Sorry if this came up already, I skimmed through the thread and couldn't see anything, but I have upgraded a 2005 installation which had this CLR assembly installed for copying files. I set up the same assembly from an asymmetric key in SQL 2008 R2 but when I try to use it I get error:
The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation.
Anybody have any pointers as to what permissions I need to set - would this be a permission problem for the login I created against the key?
Post #1367550
rmechaber
rmechaber
Posted Wednesday, October 03, 2012 6:19 AM
SSChasing Mays
Group: General Forum Members
Last Login: Wednesday, May 15, 2013 7:43 AM
Points: 656,
Visits: 2,921
Jeff Moden (8/24/2012)
rmechaber (8/24/2012)
Jeff Moden (8/23/2012)
As a bit of a sidebar, I use XP_CmdShell to run PowerShell.
It's quite safe to do if the system is properly locked down (only DBAs have SA privs and no one has proxy rights to run xp_CmdShell directly... only via stored procedures they've been granted privs to).
Jeff, would you be willing to elaborate on this, maybe with a link or two? Specifically, I'm interested in how you control proxy rights to xp_CmdShell (to prevent ad hoc use) and if there's anything in particular needed when building stored procedures to execute it?
Thanks very much,
Rich
I have a demo script at home that I could share. I'll post it tonight.
Hi, Jeff, any luck running down that demo? I'd very much appreciate it!
Rich
Post #1367609
robert.baker 21596
robert.baker 21596
Posted Wednesday, October 03, 2012 8:41 AM
Forum Newbie
Group: General Forum Members
Last Login: Wednesday, December 19, 2012 3:19 AM
Points: 2,
Visits: 6
I resolved my error:
The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation.
when I re-read the BOL around CLR Security integration, and realised it was impersonating the SQL Service account for os operations like file copy. I just had to adjust the permissions of the service account so it matched the service account on the old 2005 server.
Sorry for polluting the conversation with newbie stuff
Post #1367734
Jeff Moden
Jeff Moden
Posted Wednesday, October 03, 2012 10:51 AM
SSC-Dedicated
Group: General Forum Members
Last Login: Today @ 2:32 PM
Points: 32,906,
Visits: 26,792
rmechaber (10/3/2012)
Jeff Moden (8/24/2012)
rmechaber (8/24/2012)
Jeff Moden (8/23/2012)
As a bit of a sidebar, I use XP_CmdShell to run PowerShell.
It's quite safe to do if the system is properly locked down (only DBAs have SA privs and no one has proxy rights to run xp_CmdShell directly... only via stored procedures they've been granted privs to).
Jeff, would you be willing to elaborate on this, maybe with a link or two? Specifically, I'm interested in how you control proxy rights to xp_CmdShell (to prevent ad hoc use) and if there's anything in particular needed when building stored procedures to execute it?
Thanks very much,
Rich
I have a demo script at home that I could share. I'll post it tonight.
Hi, Jeff, any luck running down that demo? I'd very much appreciate it!
Rich
My apologies. I lost track of this thread. I'll try to post the demo tonight. Yeah... I know... said that before and, again, apologies for not following up.
--Jeff Moden
"
RBAR
is pronounced "ree-bar" and is a "Modenism" for "
R
ow-
B
y-
A
gonizing-
R
ow".
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Post #1367855
Jeff Moden
Jeff Moden
Posted Wednesday, October 03, 2012 10:57 AM
SSC-Dedicated
Group: General Forum Members
Last Login: Today @ 2:32 PM
Points: 32,906,
Visits: 26,792
robert.baker 21596 (10/3/2012)
I resolved my error:
The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation.
when I re-read the BOL around CLR Security integration, and realised it was impersonating the SQL Service account for os operations like file copy. I just had to adjust the permissions of the service account so it matched the service account on the old 2005 server.
Sorry for polluting the conversation with newbie stuff
Nah... it's good stuff. Thank you for taking the time to post back. It'll help others.
--Jeff Moden
"
RBAR
is pronounced "ree-bar" and is a "Modenism" for "
R
ow-
B
y-
A
gonizing-
R
ow".
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Post #1367865
« Prev Topic
|
Next Topic »
137 posts, Page 13 of 14
««
«
10
11
12
13
14
»»
Permissions
You
cannot
post new topics.
You
cannot
post topic replies.
You
cannot
post new polls.
You
cannot
post replies to polls.
You
cannot
edit your own topics.
You
cannot
delete your own topics.
You
cannot
edit other topics.
You
cannot
delete other topics.
You
cannot
edit your own posts.
You
cannot
edit other posts.
You
cannot
delete your own posts.
You
cannot
delete other posts.
You
cannot
post events.
You
cannot
edit your own events.
You
cannot
edit other events.
You
cannot
delete your own events.
You
cannot
delete other events.
You
cannot
send private messages.
You
cannot
send emails.
You
may
read topics.
You
cannot
rate topics.
You
cannot
vote within polls.
You
cannot
upload attachments.
You
may
download attachments.
You
cannot
post HTML code.
You
cannot
edit HTML code.
You
cannot
post IFCode.
You
cannot
post JavaScript.
You
cannot
post EmotIcons.
You
cannot
post or upload images.
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved.
Privacy Policy.
Terms of Use.
Report Abuse.
