Channel: SQL Server Security forum
Viewing all 3042 articles

How can SQL Injection be stopped?


SQL Server Error 258


Hi Everyone,

Please check the below screenshot once. One of my clients is getting this error; he was unable to connect to the server.

As I checked, the TCP/IP protocol was enabled and I'm able to access the server as well, but he is getting the below error message.

Please suggest how to troubleshoot this issue. Thanks in advance!

Regards

V


DBA

Best way to find particular stored procedures in the database how many times hit and from where?


I know we can run a trace to find all connections, but if it is a highly utilized production SQL Server, I do not want to use a trace. So, what is the BEST WAY to find a PARTICULAR STORED PROCEDURE in a particular database and see how many times it gets hit and from where?

Thanks in advance.
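An added illustration, not part of the question above: the plan-cache DMV gives the hit count cheaply, and a filtered Extended Events session answers "from where" without a server-side trace. It assumes a procedure dbo.usp_Target in database YourDb (both placeholders) and SQL Server 2012 or later for the Extended Events part.

```sql
-- Added example, not from the question. dbo.usp_Target and YourDb are placeholders.
-- 1. Cheap, retrospective: execution counts from the plan cache. The counter
--    resets whenever the plan is evicted or the instance restarts.
SELECT DB_NAME(ps.database_id)                   AS database_name,
       OBJECT_NAME(ps.object_id, ps.database_id) AS procedure_name,
       ps.execution_count, ps.cached_time, ps.last_execution_time
FROM sys.dm_exec_procedure_stats AS ps
WHERE ps.database_id = DB_ID(N'YourDb')
  AND ps.object_id   = OBJECT_ID(N'YourDb.dbo.usp_Target');

-- 2. "From where": an Extended Events session filtered to that one procedure.
--    The predicate discards every other module_end event before collection,
--    which keeps the overhead far below a trace on a busy server.
CREATE EVENT SESSION [usp_Target_callers] ON SERVER
ADD EVENT sqlserver.module_end (
    ACTION (sqlserver.client_app_name, sqlserver.client_hostname,
            sqlserver.server_principal_name, sqlserver.database_name)
    WHERE object_name = N'usp_Target'
)
ADD TARGET package0.event_file (SET filename = N'usp_Target_callers.xel')
WITH (EVENT_RETENTION_MODE = ALLOW_SINGLE_EVENT_LOSS, STARTUP_STATE = OFF);
ALTER EVENT SESSION [usp_Target_callers] ON SERVER STATE = START;

-- 3. Read what was collected: who called it, from which host and application.
SELECT x.value('(event/@timestamp)[1]', 'datetime2')                               AS event_time,
       x.value('(event/action[@name="server_principal_name"]/value)[1]', 'sysname') AS caller,
       x.value('(event/action[@name="client_hostname"]/value)[1]', 'sysname')       AS host,
       x.value('(event/action[@name="client_app_name"]/value)[1]', 'nvarchar(256)') AS app,
       x.value('(event/action[@name="database_name"]/value)[1]', 'sysname')         AS db
FROM sys.fn_xe_file_target_read_file(N'usp_Target_callers*.xel', NULL, NULL, NULL) AS f
CROSS APPLY (SELECT CAST(f.event_data AS xml)) AS e(x)
ORDER BY event_time;
```

Stop the session (ALTER EVENT SESSION ... STATE = STOP) once you have enough samples; the .xel file keeps the history for later review.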

MS SQL server SSL encryption


I tried to follow the KB below to set up SSL encryption on MS SQL Server (2012). I have done everything it mentioned,

e.g. installed the cert on the server, enabled Force Protocol Encryption, exported the root cert and installed it on the client,

but when I use ODBC to test the connection with the encryption option, I still get the error "odbc sql server driver dbnetlib ssl security error". Does anyone have any idea how to deal with this? Grateful for any help... thanks a lot!

https://support.microsoft.com/en-us/kb/316898

The server principal "DomainFin\FinUser1" is not able to access the database "FinanceDB" under the current security context.


All,

I granted db_datareader to a domain group (DomainFin\FinanceGroup) on three databases. But when I tested the connectivity using "Exec as Login = 'DomainFin\FinUser1'" I got the error: The server principal "DomainFin\FinUser1" is not able to access the database "yyy" under the current security context.

This error turns up only on two databases (FinanceDB, FinanceDB_MDMDB) and not on FinanceDB_Summary.

I did some digging and found that for the two databases (FinanceDB, FinanceDB_MDMDB) the CONNECT permission is not granted (right-click on the database, Properties, Permissions, Explicit tab), and for FinanceDB_Summary it has been granted.

If I grant db_owner on the two databases (FinanceDB, FinanceDB_MDMDB) then it works without any error.

I will grant the CONNECT privilege and get it working. Before I grant it, I was wondering what could be causing this behaviour. Has anyone experienced this before?

Thanks,

rgn
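An added check, not part of the post above: it confirms whether the group's database user holds CONNECT, reproduces the impersonation test with HAS_DBACCESS, and applies the least-privilege fix (CONNECT, not db_owner). Database and principal names are the ones from the post; run the first and last statements once per affected database (shown for FinanceDB).

```sql
-- Added example, not from the post. Object names are the poster's.
USE FinanceDB;
GO
-- 1. Does the group's database user hold CONNECT? In sys.database_permissions,
--    class = 0 is the database-level permission class.
SELECT dp.name, dp.type_desc,
       ISNULL(pe.state_desc, N'NOT GRANTED') AS connect_state
FROM sys.database_principals AS dp
LEFT JOIN sys.database_permissions AS pe
       ON pe.grantee_principal_id = dp.principal_id
      AND pe.class = 0
      AND pe.permission_name = N'CONNECT'
WHERE dp.name = N'DomainFin\FinanceGroup';

-- 2. The poster's test, without entering each database: HAS_DBACCESS returns 1
--    only when the impersonated login can actually enter the database.
EXECUTE AS LOGIN = N'DomainFin\FinUser1';
SELECT HAS_DBACCESS(N'FinanceDB')         AS FinanceDB,
       HAS_DBACCESS(N'FinanceDB_MDMDB')   AS FinanceDB_MDMDB,
       HAS_DBACCESS(N'FinanceDB_Summary') AS FinanceDB_Summary;
REVERT;

-- 3. Least-privilege fix: restore CONNECT for the group's database user instead
--    of granting db_owner, which would hand out far more than read access.
GRANT CONNECT TO [DomainFin\FinanceGroup];
```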


Connecting to Linked Server in SQL Server database (Windows Authentication) from IIS


When I try to query the linked server outside of IIS, from console application everything works fine without any additional configuration.

  1. When I try to query the linked server from a website hosted in IIS, I get the following error: Login failed for user 'DOMAIN\USER'. Obviously, I can "fix" this problem by adding that user to SQL Server, but why is it trying to access SQL from the user account and not from the application pool account? Why don't I get the error Login failed for user 'IIS AppPool\MyApplicationPool'? Is there a way to force it to use the application pool?
  2. Obviously, I can't access the linked server data without giving that user read permissions on the folder. If I give permissions to Everyone, it works. If I give permissions to Users, it works... but which user is accessing the linked server data? Is it the MSSQL user? Is it DOMAIN\USER?

  3. Is there a simple way to do the following: Force application in IIS to authenticate with IIS AppPool\MyApplicationPool instead of local account so that I can simply give the read permissions on the folder to that application pool.

  4. If I somehow manage to force it to use the app pool and configure the required permissions, did I bypass the double hop problem? Is there a need for Kerberos delegation?

Thank you in advance.

MS Patch Impact on SQL Server



Dear Sir,

I am using the SQL Server below.
Microsoft SQL Server 2008 (SP3) - 10.0.5500.0 (X64) Sep 21 2011 22:45:45 Copyright (c) 1988-2008 Microsoft Corporation Standard Edition (64-bit) on Windows NT 6.1 (Build 7601: Service Pack 1)

I am planning to install the patches below:

MS16-025
MS16-026
MS16-027
MS16-028
MS16-030
MS16-031
MS16-032
MS16-033
MS16-034
MS16-035

I want to know whether there is any impact on SQL Server because of these patches. These patches were released in 2016/03.

Regards,
Deepak

SQL Server database data encryption options 3rd party tools any?


Can you suggest the best options/tools to do SQL Server data encryption where data is sent (in encrypted form) from the database to the application and decrypted there? That is, data should be encrypted at the database level and sent to the application side, then decrypted at the application level.

Are there any 3rd party tools or SQL Server data encryption options we can use for data encrypt/decrypt?

thanks

Cross-Database Chaining - Security Loophole

Hello,

We have two databases, DB1 and DB2. DB2 has views that refer to tables in DB1. All the objects in DB1 and DB2 are in the dbo schema owned by SA.

I think, for the view in DB2 to access tables in DB1, there are two options: 1. give the user permission on the individual tables in DB1, or 2. enable cross-database ownership chaining.

It looks like the security loophole with cross-database chaining seems to be if the user is owner of DB2.
In our case, the user will have data_reader, data_writer, ddl_admin, execute, create procedure\functions permissions on the database (DB2) but not db_owner.
So, should we still be worried about cross-database chaining?

Thank you

Hope it Helps!!
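An added illustration, not part of the post above: it shows where chaining is switched on, what the chain actually compares, and the per-table grant that avoids enabling it. DB1/DB2 are the post's names; ReportingUser and dbo.SomeTable are placeholders. The comments also spell out why the concern is not limited to db_owner: any object a user creates in the dbo schema of DB2 is owned by dbo, so it chains to dbo-owned tables in DB1 exactly like a view created by the owner would.

```sql
-- Added example, not from the post. DB1/DB2 are the poster's; the rest are placeholders.
-- 1. Server-wide switch: when 1, every database chains regardless of its own flag.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'cross db ownership chaining';

-- 2. Per-database flag and owner. A chain DB2 -> DB1 is honoured only when both
--    databases are chaining-enabled (or the server-wide switch is on), the view
--    and the table have the same owner (dbo in both, mapped to SA here), and the
--    caller is a user (or guest) in DB1. Objects created in the dbo schema of DB2
--    by a ddl_admin member are dbo-owned too, so they chain as well.
SELECT name, is_db_chaining_on, SUSER_SNAME(owner_sid) AS owner_login
FROM sys.databases
WHERE name IN (N'DB1', N'DB2');

-- 3. If chaining is on and you want it off for these two databases:
ALTER DATABASE DB1 SET DB_CHAINING OFF;
ALTER DATABASE DB2 SET DB_CHAINING OFF;

-- 4. Option 1 from the post, which needs no chaining: grant the caller SELECT on
--    exactly the DB1 tables the DB2 views reference (repeat per referenced table).
USE DB1;
GRANT SELECT ON OBJECT::dbo.SomeTable TO [ReportingUser];
```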

SQL Server SPN issue for multiple instance


Hi,

I have one SQL Server 2000 SP4 which has got 5 different instances. I am wondering what the SPN entry for this server will be. Will this be,

setspn -A MSSQLSvc/FQDN:PortNo Domain\[Service Account for Default instance]

But it is not working for me. Any suggestion?

Thanks.

Failing to add SSL Cert to SQL Express 2012 SP3

I have installed a valid SSL cert from RapidSSL but am not seeing it in SQL Server Configuration Manager, which seems to be a common issue. I have tried the common resolutions but to no avail. I've added the SSL thumbprint to the registry key ending in SuperSocketNetLib, but in doing so the SQL Server service fails to restart. It would only start after I removed the thumbprint from the reg key. I've confirmed the SSL cert has the correct "Enhanced Key Usage", the common name is in the Subject Usage area, and it is within the Valid From and To dates. This is a single server, no cluster. What might I be missing?

RFreeman

Cannot login in local with sql user, password typing delay!

Hello,

We have a very strange problem!!

Server: Windows 2012. 4 instances installed: SQL 2008, 2008 R2, 2012 and 2014. Same problem on every instance, with every SSMS version.

In RDP on the server, login with a SQL user is impossible, password typing is lagging (2/3 seconds between every key I press!) and even if the password is correct I can't login (as if the password were wrong).

With Windows Authentication, everything works.

From another PC, everything works, Windows authentication AND SQL auth!!

Only the user who INSTALLED SQL can login locally with a SQL user!!!

We can't understand it..... Any tricks??

I'm not a fool; I found only this article about this, so I'm not alone, but with no response...

https://social.msdn.microsoft.com/Forums/sqlserver/en-US/9c7d3de5-ea07-4880-bb4f-b4740c34c8b0/ssms-on-windows-server-2012r2-connect-to-server-dialog-has-a-long-lag-of-about-3-seconds-per?forum=sqlsetupandupgrade&prof=required


Thank you 

Paolo

Sql Server Login user sa Password keep changing every day.


Hi ,

I am facing the sa user login failing every day, one or two times. Each and every time I choose Windows authentication mode and then

I set the password; this issue has kept on coming for the past two or three months. I have checked this in the SQL Server log, in which I can see the following. Please can anyone help me out.

Login Failed for user 'sa' Reason:Passsword did not match that for the login provided client:<IP >(Its an Firewall IP)

ERROR:18456,Severity : 14,State:8

Login Creation Issue


Hi,

There is an issue whenever I create a new login in SQL Server, in almost all versions (2005/2008/2012). I give the db_owner rights to the selected database in User Mapping, and after saving, when I try to run my application it shows an access denied issue. Later I checked the login details in the User Mapping option and the db_owner check-box is automatically unchecked; this happens only when I create the login details the first time.

Resolution: I have to go to the login details settings two times: in the first attempt, I just create the login details, and in the second attempt, I give the user mapping details.

Thanks & regards

Rajan Shukla

Audit functionality question - security log


Hi

I am currently tasked with auditing certain tables that have sensitive data.

I have created a database audit spec which is built on a server spec which logs to the windows security log.

It logs to the security log just fine, but when I query a sensitive data column, the full statement is output to the Windows log.

Is there any way to keep the audit running but have the SQL query statement masked out in the security log?

Thanks in advance.


ModuleSigner CERTIFICATE_MAPPED_USER in SSISDB


Hi,

We have a ModuleSigner CERTIFICATE_MAPPED_USER in SSISDB. The user is mapped to the MS_SQLISSigningCertificate certificate. I was not able to find any documentation on whether this is a native Microsoft configuration. If it is, what function does it serve, and why is it needed? Any more information about this?

Thanks

Security around schemas in SQL Server


Hi Experts,

Say we want to enable a user to create procs and tables in the dbo schema, and the user should only have access to the tables/procs that he owns/created. The only way I have found so far to keep the permissions minimal is to add the user to the database with CREATE TABLE and CREATE PROCEDURE permissions on the database. At this point, if the user creates any object it fails, as the user has no ALTER permission on the dbo schema. But if I grant ALTER on SCHEMA::dbo, it elevates the user's privileges: now users can fiddle with anything that is already there in that schema, and they can also create procs referencing other objects in different databases via ownership chaining in some situations, which is a security hole.

Possible workarounds may be:

  1. Deny access to other objects that the user doesn't own. But this is not an ideal process, as it involves too much work as more and more objects get added to the database by different users.
  2. Create individual schemas for users and let them have access only to their own schemas. But I am not sure if this is ideal in most cases.

Has anyone ever come across this situation? Is there any workaround?

Thanks

Bhanu

after removing TDE and re-starting the SQL Server instance the tempdb is still showing is as encrypted


Hello All,

I created TDE on one of the databases and then I dropped and removed the TDE and even removed all the databases, and even after restarting the SQL instance, is_encrypted is showing as 1 for tempdb.

I checked:

select * from master.sys.certificates 

SELECT * FROM master.sys.symmetric_keys 

select * FROM  sys.dm_database_encryption_keys

All are clean.

Is there any way to get out of this situation?

New Login creation options


When creating new login from Sql Server Management Studio, on the Login - New window, the options available under General are "Default database:" and "Default language:".

Does it matter if I specify the user to a specific database under "Default Database"? What security gains will I get if I set it to the mapped database vs leaving it as master?

Is it good practice to specify the database if we know that username definitely will not need access to other databases?

Are there any possible unintended consequences by setting the "default database"?

Thanks.


Edit: This is for SQL 2008 and SQL2012



Logon Login failed for user 'xyz'. Reason: Failed to open the explicitly specified database


The xyz user's default database is a user database that is online, but still the user was not able to login to the server due to the error message 'Logon Login failed for user 'xyz'. Reason: Failed to open the explicitly specified database'.

