THE LIBRARY PDSSQL.DLL CANNOT FOUND. I NEED THIS DLL.
PLEASE HELP ME
OSVALDOThat's a Crystal Reports file. See one their support article:
http://support.businessobjects.com/...es/c2001569.asp
Cindy Gross, MCDBA, MCSE
http://cindygross.tripod.com
This posting is provided "AS IS" with no warranties, and confers no rights.sql
Showing posts with label library. Show all posts
Showing posts with label library. Show all posts
Friday, March 30, 2012
Monday, March 12, 2012
Passwords retrievable via SQLDMO
I was startled, while experimenting with the SQLDMO library, to find out
that it allows you to see the passwords that were used to register SQL
Servers in Enterprise Manager. Is it me, or is this an astonishing security
breach?
Harlan Messinger
Remove the first dot from my e-mail address.
Veuillez ter le premier point de mon adresse de courriel.Correct, but you already knew the password, since this is a per user
registration, by default this information is stored in the HKEY_CURRENT_USER
hive in the Registry, so only the actual user who made the registration can
read the password he used himself to register, so he already knew the
password to begin with, you are not exposing more information in that case.
And since it is in the HEKY_CURREN_USER you need to login in with the NT
credentials of the user who created the entry to access it.
Besides that, this is why there is an option that says "Always prompt for
login name and password" which is what you should use in my opinion if you
are using standard security. Or you can always use integrated security, in
which case you do not have this problem.
GertD@.SQLDev.Net
Please reply only to the newsgroups.
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
Copyright SQLDev.Net 1991-2004 All rights reserved.
"Harlan Messinger" <h.messinger@.comcast.net> wrote in message
news:34gdfoF4afco0U1@.individual.net...
>I was startled, while experimenting with the SQLDMO library, to find out
> that it allows you to see the passwords that were used to register SQL
> Servers in Enterprise Manager. Is it me, or is this an astonishing
> security
> breach?
> --
> Harlan Messinger
> Remove the first dot from my e-mail address.
> Veuillez ter le premier point de mon adresse de courriel.
>
that it allows you to see the passwords that were used to register SQL
Servers in Enterprise Manager. Is it me, or is this an astonishing security
breach?
Harlan Messinger
Remove the first dot from my e-mail address.
Veuillez ter le premier point de mon adresse de courriel.Correct, but you already knew the password, since this is a per user
registration, by default this information is stored in the HKEY_CURRENT_USER
hive in the Registry, so only the actual user who made the registration can
read the password he used himself to register, so he already knew the
password to begin with, you are not exposing more information in that case.
And since it is in the HEKY_CURREN_USER you need to login in with the NT
credentials of the user who created the entry to access it.
Besides that, this is why there is an option that says "Always prompt for
login name and password" which is what you should use in my opinion if you
are using standard security. Or you can always use integrated security, in
which case you do not have this problem.
GertD@.SQLDev.Net
Please reply only to the newsgroups.
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.
Copyright SQLDev.Net 1991-2004 All rights reserved.
"Harlan Messinger" <h.messinger@.comcast.net> wrote in message
news:34gdfoF4afco0U1@.individual.net...
>I was startled, while experimenting with the SQLDMO library, to find out
> that it allows you to see the passwords that were used to register SQL
> Servers in Enterprise Manager. Is it me, or is this an astonishing
> security
> breach?
> --
> Harlan Messinger
> Remove the first dot from my e-mail address.
> Veuillez ter le premier point de mon adresse de courriel.
>
Saturday, February 25, 2012
Pass-Through Authentication won't work when replicating via the ActiveX Library?
Hi all,
My sql2000 to sql2000 merge replication via internet is run via an
application on the subscriber using activex library.
I read about setting up pass-through authentication so that the user
accounts don't need to be on the same domain. So, I set up Sql Server
and Sql Agent to run on a user account set up identically on each
machine. But, it doesn't seem like the Sql Agent is even involved in
the communication on the subscriber.
Authentication at the publisher fails because it is trying to
authenticate - not the account that sql server and sql agent services
are running under - but the current windows account running on the
subscriber.
ie:
- sql server and sql agent running under "serviceAccount"
- windows user on subscriber machine logged in as "Joe"
- error at publisher = cannot authenticate Joe.
Now, if I create a Joe user on the publisher, with the same password as
on the subscriber, everything works. But this is an impossible setup to
work with because of course there will be many different unknown users.
Please, can anyone help with this? I can't find this problem
anywhere...
JJ
Its probably using the security context of the account you are logged in
under. If you were to run this program/script as a job spawned by SQL Server
agent it would work. Another option would be to use the run as command (have
a look at runas from the command prompt).
I think your best bet would be to use sql authentication though.
This could also be an rights issue when you connect to the snapshot share -
exactly what error message are you getting?
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"JJ" <joe.jabour@.gmail.com> wrote in message
news:1121742075.969113.19600@.z14g2000cwz.googlegro ups.com...
> Hi all,
> My sql2000 to sql2000 merge replication via internet is run via an
> application on the subscriber using activex library.
> I read about setting up pass-through authentication so that the user
> accounts don't need to be on the same domain. So, I set up Sql Server
> and Sql Agent to run on a user account set up identically on each
> machine. But, it doesn't seem like the Sql Agent is even involved in
> the communication on the subscriber.
> Authentication at the publisher fails because it is trying to
> authenticate - not the account that sql server and sql agent services
> are running under - but the current windows account running on the
> subscriber.
> ie:
> - sql server and sql agent running under "serviceAccount"
> - windows user on subscriber machine logged in as "Joe"
> - error at publisher = cannot authenticate Joe.
> Now, if I create a Joe user on the publisher, with the same password as
> on the subscriber, everything works. But this is an impossible setup to
> work with because of course there will be many different unknown users.
>
> Please, can anyone help with this? I can't find this problem
> anywhere...
> JJ
>
|||Yes I'm pretty sure that it's a rights issue - i was seeing error 1326
(unknown user or bad password). Like you said, it's likely because it's
using the security context of the account that I am logged in under on
the subscriber. In fact, I know that's the issue, b/c if I change the
username and password of my windows account that i am logged in under
on the subscriber to match the publisher, everything works like a
charm. But this is an impossible setup for me.
The issue here is that this is supposed to be an installable
application (unknown users)using MSDE on the subscriber, and the
application is using the ActiveX library - so anything outside of the
control of what can be set up by an installation app won't be feasible.
Re SQL authentication, are you saying that if I change the SQL Server
setup on the subscriber to use SQL authentication instead of windows
authentication, that it might work?
JJ
|||Yes, I am suggesting you do both (SQL authentication on the publisher and
subscriber). You can also use a com component and have this component run
under different security credentials than the account the user is logged on
under.
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"JJ" <joe.jabour@.gmail.com> wrote in message
news:1121776681.002861.67670@.o13g2000cwo.googlegro ups.com...
> Yes I'm pretty sure that it's a rights issue - i was seeing error 1326
> (unknown user or bad password). Like you said, it's likely because it's
> using the security context of the account that I am logged in under on
> the subscriber. In fact, I know that's the issue, b/c if I change the
> username and password of my windows account that i am logged in under
> on the subscriber to match the publisher, everything works like a
> charm. But this is an impossible setup for me.
> The issue here is that this is supposed to be an installable
> application (unknown users)using MSDE on the subscriber, and the
> application is using the ActiveX library - so anything outside of the
> control of what can be set up by an installation app won't be feasible.
>
> Re SQL authentication, are you saying that if I change the SQL Server
> setup on the subscriber to use SQL authentication instead of windows
> authentication, that it might work?
> JJ
>
|||SQL auth on both didn't work - It was still using the credentials of
the windows login on the subscriber.
Solution - I created a "launcher" application that starts the
application under credentials that match the publisher.
Thanks for the help.
|||Well, it worked on my LAN, but not when i tested it from outside the
LAN. Again, permission problems. Do I need to upgrade the server to a
domain controller?
JJ
My sql2000 to sql2000 merge replication via internet is run via an
application on the subscriber using activex library.
I read about setting up pass-through authentication so that the user
accounts don't need to be on the same domain. So, I set up Sql Server
and Sql Agent to run on a user account set up identically on each
machine. But, it doesn't seem like the Sql Agent is even involved in
the communication on the subscriber.
Authentication at the publisher fails because it is trying to
authenticate - not the account that sql server and sql agent services
are running under - but the current windows account running on the
subscriber.
ie:
- sql server and sql agent running under "serviceAccount"
- windows user on subscriber machine logged in as "Joe"
- error at publisher = cannot authenticate Joe.
Now, if I create a Joe user on the publisher, with the same password as
on the subscriber, everything works. But this is an impossible setup to
work with because of course there will be many different unknown users.
Please, can anyone help with this? I can't find this problem
anywhere...
JJ
Its probably using the security context of the account you are logged in
under. If you were to run this program/script as a job spawned by SQL Server
agent it would work. Another option would be to use the run as command (have
a look at runas from the command prompt).
I think your best bet would be to use sql authentication though.
This could also be an rights issue when you connect to the snapshot share -
exactly what error message are you getting?
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"JJ" <joe.jabour@.gmail.com> wrote in message
news:1121742075.969113.19600@.z14g2000cwz.googlegro ups.com...
> Hi all,
> My sql2000 to sql2000 merge replication via internet is run via an
> application on the subscriber using activex library.
> I read about setting up pass-through authentication so that the user
> accounts don't need to be on the same domain. So, I set up Sql Server
> and Sql Agent to run on a user account set up identically on each
> machine. But, it doesn't seem like the Sql Agent is even involved in
> the communication on the subscriber.
> Authentication at the publisher fails because it is trying to
> authenticate - not the account that sql server and sql agent services
> are running under - but the current windows account running on the
> subscriber.
> ie:
> - sql server and sql agent running under "serviceAccount"
> - windows user on subscriber machine logged in as "Joe"
> - error at publisher = cannot authenticate Joe.
> Now, if I create a Joe user on the publisher, with the same password as
> on the subscriber, everything works. But this is an impossible setup to
> work with because of course there will be many different unknown users.
>
> Please, can anyone help with this? I can't find this problem
> anywhere...
> JJ
>
|||Yes I'm pretty sure that it's a rights issue - i was seeing error 1326
(unknown user or bad password). Like you said, it's likely because it's
using the security context of the account that I am logged in under on
the subscriber. In fact, I know that's the issue, b/c if I change the
username and password of my windows account that i am logged in under
on the subscriber to match the publisher, everything works like a
charm. But this is an impossible setup for me.
The issue here is that this is supposed to be an installable
application (unknown users)using MSDE on the subscriber, and the
application is using the ActiveX library - so anything outside of the
control of what can be set up by an installation app won't be feasible.
Re SQL authentication, are you saying that if I change the SQL Server
setup on the subscriber to use SQL authentication instead of windows
authentication, that it might work?
JJ
|||Yes, I am suggesting you do both (SQL authentication on the publisher and
subscriber). You can also use a com component and have this component run
under different security credentials than the account the user is logged on
under.
Hilary Cotter
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"JJ" <joe.jabour@.gmail.com> wrote in message
news:1121776681.002861.67670@.o13g2000cwo.googlegro ups.com...
> Yes I'm pretty sure that it's a rights issue - i was seeing error 1326
> (unknown user or bad password). Like you said, it's likely because it's
> using the security context of the account that I am logged in under on
> the subscriber. In fact, I know that's the issue, b/c if I change the
> username and password of my windows account that i am logged in under
> on the subscriber to match the publisher, everything works like a
> charm. But this is an impossible setup for me.
> The issue here is that this is supposed to be an installable
> application (unknown users)using MSDE on the subscriber, and the
> application is using the ActiveX library - so anything outside of the
> control of what can be set up by an installation app won't be feasible.
>
> Re SQL authentication, are you saying that if I change the SQL Server
> setup on the subscriber to use SQL authentication instead of windows
> authentication, that it might work?
> JJ
>
|||SQL auth on both didn't work - It was still using the credentials of
the windows login on the subscriber.
Solution - I created a "launcher" application that starts the
application under credentials that match the publisher.
Thanks for the help.
|||Well, it worked on my LAN, but not when i tested it from outside the
LAN. Again, permission problems. Do I need to upgrade the server to a
domain controller?
JJ
Subscribe to:
Comments (Atom)