Viewing 15 posts - 3,946 through 3,960 (of 6,105 total)
We poll by making an ADO connection. There have been examples where an issue would cause SQL Server to stop responding to connection requests though the service runs.
If you want...
October 22, 2003 at 9:04 am
Did you have any traces running at the time? Do you audit login successes?
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
October 22, 2003 at 9:01 am
I disagree with say nothing. Use the opportunity to educate (in a gentle and calm manner) the risks. Do a risks versus functionality trade-off. Let them know, based on your...
October 22, 2003 at 9:00 am
Stored procedures will help against SQL Injection, but it isn't the cure in and of itself. A savvy attacker could misuse stored procedures or execute queries against system tables where...
October 22, 2003 at 8:53 am
Did ownership change on any of the objects in question, thereby breaking the ownership chains?
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
October 21, 2003 at 10:08 am
That kind of information is not stored within SQL Server. You'd have to run traces (audit login) or something similar and parse the results over time.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to...
October 21, 2003 at 10:07 am
The SQL Server logs won't store the IP addresses, unfortunately, so you won't find that information available. SQL Server keeps track of MAC addresses in sysprocesses, but that's not recorded...
October 21, 2003 at 10:01 am
Query Analyzer can give you a GUI based interfaced when dealing with templates. It then takes the answers and fills them into the template for you.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to...
October 21, 2003 at 9:56 am
Actually, yes, but it's more of a change control procedure than anything else. This is similar to what we did on a project recently.
For instance:
Developer documents where username/password is stored...
October 21, 2003 at 9:54 am
You have two separate tables and in one you can load data and the other you can't.
You'll need to check permissions on these tables. Check to ensure the username doing...
October 21, 2003 at 9:11 am
The other option is something I believe Andy has mentioned... use SQL Server logins for these apps and give no permissions specifically to the user. App Roles have some issues...
October 21, 2003 at 9:07 am
The owner of the table normally bypasses all permissions checks, just like dbo does (except dbo does for all objects). I agree with sqlSushi... stand up Profiler and see exactly...
October 15, 2003 at 7:30 am
If the application is capable of passing different username/passwords, then yes, a standard user-defined database role is the best option.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance...
October 14, 2003 at 12:50 pm
If he's sharing a login, there's no way to grant it exclusively to him at the database level. The only way to be able to change permissions would be through...
October 14, 2003 at 12:10 pm
You won't be able to override the error message directly. What you can do is trap for an error condition before hand. For instance (within a stored procedure):
October 14, 2003 at 12:06 pm
Viewing 15 posts - 3,946 through 3,960 (of 6,105 total)