Showing posts with label administration. Show all posts
Showing posts with label administration. Show all posts

Friday, March 9, 2012

password protecting data

Hi,

I need to provide a facility to do routine database administration
(backups, etc.) without allowing the logged in user to modify the
data in any of the SQL server tables. Is there any way to accomplish
this (such as maybe password protecting the tables or otherwise)? I am
fairly new to SQL server - so would appreciate any pointers to this.

Thanks a ton!

Regards,
Radha"M.C. Radhakrishnan" <radhakrishnan_c@.infosys.com> wrote in message
news:e76f8e68.0405270436.54de116b@.posting.google.c om...
> Hi,
> I need to provide a facility to do routine database administration
> (backups, etc.) without allowing the logged in user to modify the
> data in any of the SQL server tables. Is there any way to accomplish
> this (such as maybe password protecting the tables or otherwise)? I am
> fairly new to SQL server - so would appreciate any pointers to this.

Sounds like you want to use ROLES and use db_backupoperator.
> Thanks a ton!
> Regards,
> Radha

Posted by feltpaddedvbni at 8:02 PM 0 comments
Labels: , , , , , , , , , , , , , , , , ,

Password Problem

i have Win 2000 server and I hv installed SQL Server 200 on it. I have
changed my win 2000 Administration server password. Now SQL Server doesn't
Run. What Should I do.?
I must keep Administration password.
Pl. helpIt sounds like you've changed the password for the account under which
the SQL Server service runs. It isn't a good idea to use a domain admin
account for this anyway because doing so may be a potential security
vulnerability.
I suggest you create an account specifically for the SQL Server
service. You can find the service listed as MSSQLSERVER under the
Services node in the server MMC Management Console. Right-click, select
Properties, then select the Log On pane. Do the same for the other SQL
services that you may use: DTC, Search, Agent, etc.
David Portas
SQL Server MVP
--
Posted by feltpaddedvbni at 8:01 PM 0 comments
Labels: , , , , , , , , , ,

Password Problem

i have Win 2000 server and I hv installed SQL Server 200 on it. I have
changed my win 2000 Administration server password. Now SQL Server doesn't
Run. What Should I do.?
I must keep Administration password.
Pl. help
It sounds like you've changed the password for the account under which
the SQL Server service runs. It isn't a good idea to use a domain admin
account for this anyway because doing so may be a potential security
vulnerability.
I suggest you create an account specifically for the SQL Server
service. You can find the service listed as MSSQLSERVER under the
Services node in the server MMC Management Console. Right-click, select
Properties, then select the Log On pane. Do the same for the other SQL
services that you may use: DTC, Search, Agent, etc.
David Portas
SQL Server MVP
Posted by feltpaddedvbni at 8:01 PM 0 comments
Labels: , , , , , , , , , ,

Password Problem

i have Win 2000 server and I hv installed SQL Server 200 on it. I have
changed my win 2000 Administration server password. Now SQL Server doesn't
Run. What Should I do.?
I must keep Administration password.
Pl. helpIt sounds like you've changed the password for the account under which
the SQL Server service runs. It isn't a good idea to use a domain admin
account for this anyway because doing so may be a potential security
vulnerability.
I suggest you create an account specifically for the SQL Server
service. You can find the service listed as MSSQLSERVER under the
Services node in the server MMC Management Console. Right-click, select
Properties, then select the Log On pane. Do the same for the other SQL
services that you may use: DTC, Search, Agent, etc.
--
David Portas
SQL Server MVP
--
Posted by feltpaddedvbni at 8:01 PM 0 comments
Labels: , , , , , , , , ,

Wednesday, March 7, 2012

Password encryption and decryption

Hi there,
Currently I working on a project that requires users to enter a username and
password before they can use one of our internal administration system.
The system is built using VB6.0 and SQL server 200o on Windows 2000.
Can someone please suggest a way of encrypting and decrypting the password
so that the passwords can be stored in the databaseCall the Windows Crypto API in the VB6 application.
Lots of information on MSDN.
Pity you are not using .NET as there, it is 100's of times easier to
implement.
Regards
--
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
IM: mike@.epprecht.net
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"Padmini" <Padmini@.discussions.microsoft.com> wrote in message
news:3DB5CD8B-17E8-459E-9CD8-331952A8FD90@.microsoft.com...
> Hi there,
> Currently I working on a project that requires users to enter a username
> and
> password before they can use one of our internal administration system.
> The system is built using VB6.0 and SQL server 200o on Windows 2000.
> Can someone please suggest a way of encrypting and decrypting the password
> so that the passwords can be stored in the database|||Don't store the password in the database. Password recovery mechanisms are
inherently insecure. Instead store a secure hash, including salt. The MS
crypto API provides the tools you need.
David Portas
SQL Server MVP
--|||are there any code examples of doing this anywhere?
"David Portas" wrote:

> Don't store the password in the database. Password recovery mechanisms are
> inherently insecure. Instead store a secure hash, including salt. The MS
> crypto API provides the tools you need.
> --
> David Portas
> SQL Server MVP
> --
Posted by feltpaddedvbni at 7:00 PM 0 comments
Labels: , , , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)