Can I run ASP.NET 2.0 and 3.5 code on the same website?
May 22, 2009
May 14, 2009
SQL Server 2005 SSIS location of DTS packages
You can save them as .dtsx files, or they are stored in the msdb database (you will have to query tables sysdtspackages90 and sysdtspackages to see the information).
Bear in mind, if you have a standalone .dtsx package with no associated project, you cannot use the cool debug feature in Business Intelligence Studio.
May 1, 2009
How to lock down SQL Server 2005 and 2008
How to lock down SQL Server 2005 and 2008
These are a few essential steps to lock down SQL Server 2005. By doing this properly, you should be able to thwart most of the hacker attacks.
- Have a strong SA password
- Fully understand who needs to connect remotely to SQL Server and only grant those logins (security à logins à user à status à grant or revoke). Perhaps all they need is to connect via a connection string for their work so there is no need for them to be able to connect to SQL Server using Management Console.
- Be wary of elevated privileges given to users, such as sysadmin and db_owner. Check at system level and then at database specific level for any unneeded elevated privileges.
- Use groups to define security rather than individual users. This approach is easier to manage long term.
- Define your firewall defense properly for the database server
- Under Surface Area Configuration, decide whether you need remote connections enabled at all. If so, do you need both named pipes and TCP/IP or could you just limit to one.
reasons why you cannot connect or login to SQL Server remotely
How to connect or login remotely to SQL Server
It's a little tricky, but over the years I've accumulated this knowledge.
Bear in mind these tips are not a connection string or web.config exercise or troubleshooting why an application cannot connect to a SQL Server database.
These tips for more for the general developer using SQL Server Management Console to try and connect to other SQL Server servers within the enterprise for TSQL and query work.
- Make sure you have the SQL Server name right. Sometimes it is just the server name (like TOMMACHINE). Sometimes it is server name plus instance name (like TOMMACHINE\CRM).
- Log in locally to the server (or have DBA verify) and check under Management Console
- under overall security à logins
- you have the user or domain users defined
- properties of the user
- server roles checked to public at a minimum
- server roles checked to sysadmin (if that user will be an administrator)
- user mapping – select the appropriate databases
- database role membership checked to public
- database role membership checked to db_owner for elevated privileges
- status
- set grant to permission to connect to database engine
- set login to enabled
- under database security à users
- the user has been added to that database
- if necessary, the database role membership for that user is set to db_owner
- Log in locally to the server (or have DBA verify) and check under Surface Area Configuration
- Database à Remote Connections
- Set to Local and remote connections
- If you choose TCP/IP only, when you connect, you need to go to Options and further define your connection to TCP/IP login
- The default login protocol is Named Pipes, so if this is used, you can do the quick connect without using the Options
- Or just choose Using both TCP/IP and named pipes to solve that dilemma!
- You might need to define your SQL Server alias (for either TCP/IP or named pipes), I won't go into details here, you can find more information online.
- Firewall security can be a factor
- Make sure the server firewall is allowing port 1433. There may be other ports needed. Please check elsewhere for that information.
- Make sure your PC firewall is allowing communication with port 1433
- Make sure your PC firewall is allowing the Management Console application to be an exception to the firewall rules
Subscribe to:
Posts (Atom)