How to FileCopy LAN to DMZ using SQL?
-
I need to get files back & forth between DMZ and LAN. DMZ is "file copy" "locked down". I do have full SQL Srv. access however. I can write some complicated script with TextCopy and IMAGE columns etc. I was wondering if SQL Server has anything built-in to do SQL Srv. to SQL Svr. file movements?
Thanks
Once you understand the BITs, all the pieces come together
-
we have a situation similar to yours. if there's truly a hard file copy (or ftp) lock down, i guess you have to proceed with your sql-based solution: i don't know of any builtin sql features. but, maybe you can get the admins to loosen up a bit. read on ...
we have a lockdown on copying files from the dmz server into our secured network... what we call a "push".
Instead, we pull the file(s). I.e., an authorized client/server makes a connection to the dmz using a dmz-based local account, then copies the from the dmz server to the internally networked server.
In your case, you could further restrain the times of days or days of week the copies could be made.
by the way, if you have a gi-hugic file (gb's or tb's) to copy via your sql solution.... g'luck!
tony
TONYMARKS -
Thanks Tony,
Thank god, just little (<MB - > ~ 10MB etc) files here and there, nothing scheduled or anything, just when we do some work on the LAN, and want to get a darn file to the DMZ without having to keep floppies or "personal" USB memory drives around. And we all hate to walk from one computer to another (isn't that why they invented networks anyway???).
Was thinking maybe putting a "who cares if it gets hacked" PC on the DMZ, then copy what we want to it, then have the DMZ box "establish" the share to the "hack-box" and get the files ???
My problem is, the LAN firewall won't allow "external established", and niether do the DMZ boxes. The net guys are unable to put a firewall on the T1 router (they say because the Cisco 1720 get's confused because of our NATing and multiple net segments, all goes to hell when filtering is added to the config set???), so each DMZ box is individually firewalled. In otherwords, you (Tony) have more network access to my DMZ than I do
.
Once you understand the BITs, all the pieces come together -
Yikes, glad I'm not working in that environment!
I would hate to have to do this but... you could write a simple VB app to put/save a file into a blob field in the database. Then put the VB app on the server and client. When you need to copy files put them in using your little app, go to the server and pull them back out. It would take a little work but would probably work for you without too much trouble. I would also have some pretty good security on who could run this little jewel!
Gary Johnson
Microsoft Natural Language Group
DBA, Sr. DB EngineerThis posting is provided "AS IS" with no warranties, and confers no rights. The opinions expressed in this post are my own and may not reflect that of my employer.
-
OK, I've got the data (File) in the LAN DB, "Linked" the DMZ DB (used MSDASQL...DRIVER={SQL Server}) , made same structure table on DMZ DB I try to
Insert Into LinkedSrv.Database.DBO.FileCopyTable (RID, ZIPFileData) select RID, ZIPFileData from FileCopyTable
and I get
Server: Msg 7399, Level 16, State 1, Line 1
OLE DB provider 'MSDASQL' reported an error.
[OLE/DB provider returned message: Query-based insertion or updating of BLOB values is not supported.]
OLE DB error trace [OLE/DB Provider 'MSDASQL' IRowsetChange::InsertRow returned 0x80004005: ].
I'm used to going the other way... Insert into Local .. Select From Remote, and I do not get this problem. I can not do this, since the proccess must "establish" from the LAN side. Any ideas?
I Guess I can copy from the DMZ to LAN this way... I'll try that also. ( If that works, then the LAN becomes more vunerable than the DMZ. Who'ed a thunk?)
Once you understand the BITs, all the pieces come together -
I haven't tried this but what if you turn your insert statement into an SP on the DMZ side. Then simply pass the blob data as a parameter?
Gary Johnson
Microsoft Natural Language Group
DBA, Sr. DB EngineerThis posting is provided "AS IS" with no warranties, and confers no rights. The opinions expressed in this post are my own and may not reflect that of my employer.
-
Thanks, I have to leave in a couple min., ....
How do I pass a blob > 8K as a parameter to SP?
I always place blobs in [#]Tables, then call SP , but since it's a remote SP, it can't see any of my local data
.
Once you understand the BITs, all the pieces come together
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply