January 17, 2003 at 6:12 pm
SQL Server 2000 SP3 is now live and out of beta. You can download it here:
http://www.microsoft.com/sql/downloads/2000/sp3.asp
Be sure to read the readme carefully. There are some significant security changes and you'll be prompted for one of them when you install (cross database ownership chaining). You'll also want to grab the updated Books Online.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
January 17, 2003 at 7:13 pm
There is supposed to be an update BOL included with some additonal changes as well. I haven't had a chance to check but that was listed to be coming. Can anyone confirm please?
January 17, 2003 at 7:57 pm
Yes, the Books Online has been updated. The link is available from the SP 3 main page.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
January 19, 2003 at 2:23 pm
So far so good. Installed SP3 on a dev and tst box. Can't say I am thrilled about the change to sp_change_users_login--requirement for @password. It is good thing closing potential security holes, though!
January 27, 2003 at 3:30 am
quote:
Can't say I am thrilled about the change to sp_change_users_login--requirement for @password. It is good thing closing potential security holes, though!
If the login already exists the password was not necessary on my test machine.
So, there are only advantages.
Joachim.
January 27, 2003 at 9:43 am
If you have a large environment like ours you spend a lot of time moving databases between servers. The target box, for a new project, seldom has the need SQL account. You can now creat it all in one step with sp_change_users_login 'auto_fix','exampleDB',@password='PWD12!4DM'. So yes this is a good thing, but it did require a change to the way we do things and it is not backward compatible for SP2 boxes.
January 27, 2003 at 9:46 am
The @password option was added for the case where the DBA runs sp_change_users_login with @action = Auto_Fix. The idea is to prevent new logins from being created that have blank passwords.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
January 27, 2003 at 10:04 am
Yes, but why not just check for null passwords or prohibit the creation of a new account with a null password? The way it was written broke our existing scripts. Such is one of the many problems caused by retro-fitting trustworthy computing into an existing technology. I like the goal, just wish they had started the journey earlier...
January 27, 2003 at 11:29 am
quote:
prohibit the creation of a new account with a null password
Well, this is what they are doing. If the stored procedure finds a matching login, the password field is ignored. It's only used for creating new accounts. Since the auto_fix action will creating a login if it can't match one up, it's the only safe way to do it. If the action is update_one, the password parameter isn't required.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1
K. Brian Kelley
@kbriankelley
January 27, 2003 at 11:41 am
Thanks for pointing out the nuance between auto_fix and update_one! I was using auto_fix with parameters that in effect worked like update_one. By changing to update_one our scripts work again.
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply