I've been lurking for a while, but this is my first post. I've tried searching the forum, but either I'm not doing the search correctly or what I want just isn't there!
I am starting a new job soon, and it has been suggested that I take an online SQL (the query language, not SQL Server) class. Do you have any recommended (and preferably cheap!) vendors? I would need a beginner level class.
You might want to join the Association for Computing Machinery (www.acm.org). As a member (membership is about $100 USD) you have access to an extensive online course offering (as well as a large online library of books). They have a number of courses on databases. There are a handful of SQL courses, these are all part of a larger dataase curriculum that is targeted towards SQL Server, Oracle, or DB2, but the introductory courses are query language focused. See http://pd.acm.org/[^]
I'm researching encrypting certain fields in a SQL Server 2005 database. I'm interfacing with the db through a web application of my creation. I was reading through an article about DB encryption( http://blogs.technet.com/keithcombs/archive/2005/11/24/415079.aspx[^] ), and though I was able to get an experiment up and working, there were a few things I didn't understand.
Why is it such a bad idea to give a low level user access to the decrypted data, but not the certificates and keys? The person in the article created a view as an intermediary step so that the low level user can see the decrypted data, but not let that user use the certificates or keys. Why can't they just use the key to get the data manually? It's my understanding that you would have 1 key per encrypted field. Or am I wrong about that? Does 1 key and certificate cover the whole database?
In addition, if you don't want to give the low level user access to the encryption methods, what is a good way to let them encrypt something and add it to the database? I can't seem think of a method analagous to the view method demonstrated in the article.
Providing users with keys is often unnecessary and can be hidden from them. Also, access to cryptographic keys can expose the data. It is best to only give a user only as much as required to perform the specific task in an effort limit overall system liability.
A man said to the universe:
"Sir I exist!"
"However," replied the Universe, "The fact has not created in me A sense of obligation."
I am trying to install VS MSDE however when I click on setup.exe it tells me "A strong SA pasword is required for security reason. Please use SAPWD switch to supply same....."
However must articale that I read provide a command prompt option to change the SA password using osql. However when I try to run that command I recieve and error message stating that "OSQL is not a recognized internal or exteranl command...." My question are: I can not recall installing or configure SA account on my system, hence I am not sure how to access the database to update the A account. 2nd - How can I configure my PC to Osql. I have added it as a path on my PC but to no avail. Any other suggestion will be greatly appreciated.
I have not yet install MSDE. However I try to input the new password through the setup.ini option but to no avail. I am not sure what else I can do to install MSDE.exe since it is not allowing me to do so neither through windows not command prompt.
Are you sure the install has failed? MSDE gives no indication of success or failure, but would fail (with a false complaint about the sa password) on subsequent attempts to install. Have you rebooted and checked system services or the system tray to see if it is running?
I build a test report using SQL Server Business Intelligence
Development Studio. Every thing went well also I can preview of the
report. But when I wanted to deply it by right clicking it its throwing
The first message I got was
'The project cannot be deployed because no target server is specified.
Provide a value for the TargetServerURL property in the property pages
for this project.'
To over the above problem I created a URL,
http://localhost/ReportServer in the property page .
And again I tried deploying it and second I got this message :
'A connection could not be made to the report server
The attempt to connect to the report failed. Check your connection
information and that the report server is a compatible version.
This is first time I am trying to get the reports. Could some one
please help me how do proceed from here?
I'm literally trying to clone data rows, nothing very complicated, infact, they aren't even going to be changed during this section of the project.
I've captured the rows I want to clone using a custom SQL query, but I'm not sure how to insert them back into the database with new ID's(primary key is autonumber)...
can't I just run a .update of some sort?
I've tried copying the data table from results of my query and merging into the complete table, that doesn't make any change.
I dont seem to be able to .insert anything other then independant values for each column.
INSERT INTO tbABC
SELECT (all but primary key)
WHERE Name = @Name
I get an error back saying that the Column Name or number of supplied values does not match the table definition.
If I use
INSERT INTO tbABC
WHERE Name = @Name
I get a name saying that the primary key can't be duplicated (duh)... I've been looking all over the table design and properties in SQL and I can't find where I can actually pick an autonumber for the field type.
I thought that inside my dataset I'd set to AutoIncriment, seed 1, step 1..
isn't this correctly setting autonumbering for an SQL database? I'm used to access just having autonum as a field type choice.
I'm not sure if this should go here, or in the ASP.Net forum, so I'll try here and if someone wants to move it later, that's fine by me
I'm developing a web application using ASP.Net 2.0, which will be back-ended by a SQL Server 2005 database (Express for the moment, but once it prooves to be succesful, I think the bean counters will stump up for enterprise ).
The application is multi-user, so it must provide security for each user's data in that one user should not be able to view another user's data unless given permission to do so. To this end, I've decided that I need to implement row based security for each record. The plan is that each user is assigned to a role using the ASP.Net 2.0 security / login features, and each role is unique to each customer who uses the system. For example, take Mike - he works for CompanyA; in my application CompanyA is defined as a Role, and Mike is assigned to this Role. Now each and every record Mike enters is identified with the RoleID of CompanyA, and so Mike can only enter records for CompanyA and can only view records for CompanyA.
This seems like a pretty good way of acheiving this, but as always it's one of my home-brew plans, so I wondered if anyone had any experience of this kind of thing they could share, or can point out any pitfalls in my plans.
Don't you mean "Role Based Security" each user is assigned a role or trust level within the application that can if required use different database access levels as well.
You also have to consider how users with authenicate ( Windwos , Forms or both ?) and get a user id you can assign a Role or Memebership to. This can get fairly complex for mixed authenicated systems.
You could as a user is authenicated assign various Session State variable or better still a serialisable user object that can travel round with the user on each page. This will state user, customername or scope and access or trust level within the application.
Start simply and build from there.
Look where you want to go not where you don't want to crash.
Last Visit: 31-Dec-99 18:00 Last Update: 29-Jul-16 18:48