Welcome to dbFreaks.com!
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Implementing security in Sql Access application

  
   Database Help (Home) -> Security RSS
Next:  Need help on sql job/SQL dynamic sequel statement..  
Author Message
Jack

External


Since: Jan 14, 2008
Posts: 164



(Msg. 1) Posted: Thu Dec 11, 2008 2:19 pm
Post subject: Implementing security in Sql Access application
Archived from groups: microsoft>public>sqlserver>security (more info?)
Hi,
I inherited an application written in sql access. Currently the application
does not have any security. However I have to implement security in this
application. I know how to work with Access security. However I am trying to
avoid that. Instead I am trying to come up with sql server security. I have
not worked on sql server security before. Is it possible to secure Access Sql
application using just sql server security? If it is yes, is there any
article that would give me some idea as to how to implement security in the
present scenario. Thanks in advance.

 >> Stay informed about: Implementing security in Sql Access application 
Back to top
Login to vote
Erland Sommarskog2

External


Since: May 30, 2004
Posts: 2061



(Msg. 2) Posted: Thu Dec 11, 2008 3:29 pm
Post subject: Re: Implementing security in Sql Access application [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Jack (Jack@discussions.microsoft.com) writes:
> I inherited an application written in sql access. Currently the
> application does not have any security. However I have to implement
> security in this application. I know how to work with Access security.
> However I am trying to avoid that. Instead I am trying to come up with
> sql server security. I have not worked on sql server security before. Is
> it possible to secure Access Sql application using just sql server
> security? If it is yes, is there any article that would give me some
> idea as to how to implement security in the present scenario. Thanks in
> advance.

Since I don't know what your security issues are it's difficult to give
specific advice, but Books Online as a section on security. That could be
place to start.


--
Erland Sommarskog, SQL Server MVP, esquel.DeleteThis@sommarskog.se

Links for SQL Server Books Online:
SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx
SQL 2000: http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx

 >> Stay informed about: Implementing security in Sql Access application 
Back to top
Login to vote
Jack

External


Since: Jan 14, 2008
Posts: 164



(Msg. 3) Posted: Thu Dec 11, 2008 4:06 pm
Post subject: Re: Implementing security in Sql Access application [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Thanks for your kind advice. I will take a look at it as a starting point.

"Erland Sommarskog" wrote:

> Jack (Jack@discussions.microsoft.com) writes:
> > I inherited an application written in sql access. Currently the
> > application does not have any security. However I have to implement
> > security in this application. I know how to work with Access security.
> > However I am trying to avoid that. Instead I am trying to come up with
> > sql server security. I have not worked on sql server security before. Is
> > it possible to secure Access Sql application using just sql server
> > security? If it is yes, is there any article that would give me some
> > idea as to how to implement security in the present scenario. Thanks in
> > advance.
>
> Since I don't know what your security issues are it's difficult to give
> specific advice, but Books Online as a section on security. That could be
> place to start.
>
>
> --
> Erland Sommarskog, SQL Server MVP, esquel DeleteThis @sommarskog.se
>
> Links for SQL Server Books Online:
> SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
> SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx
> SQL 2000: http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
>
>
 >> Stay informed about: Implementing security in Sql Access application 
Back to top
Login to vote
Mary Chipman [MSFT]

External


Since: Feb 04, 2005
Posts: 31



(Msg. 4) Posted: Fri Dec 12, 2008 1:03 pm
Post subject: Re: Implementing security in Sql Access application [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
If you know how to work with role-based security in Access, it's
pretty much the same as SQL Server, except reversed. What I mean by
that is by default Access security is turned off, and in SQLS it's on.
You must explicitly grant permissions, and instead of everyone being
in Admins by default with full rights, they are in the public role by
default. Another different wrinkle is that there's server level
security and database level security, so theoretically someone could
log on to the server and not be able to connect to a database. What's
the same is you never grant permissions to users, only to roles, and
then add users to roles. In SQLS 2005 and 2008 you also have schemas,
which gives you a little more flexibility. So this is already getting
confusing, right? Smile Even though you're using Access and not ADO.NET,
this conceptual topic explains the basic concepts and has links to
relevant topics in SQL BOL. See
http://msdn.microsoft.com/en-us/library/bb669074.aspx.

--Mary

On Thu, 11 Dec 2008 14:19:02 -0800, Jack
wrote:

>Hi,
>I inherited an application written in sql access. Currently the application
>does not have any security. However I have to implement security in this
>application. I know how to work with Access security. However I am trying to
>avoid that. Instead I am trying to come up with sql server security. I have
>not worked on sql server security before. Is it possible to secure Access Sql
>application using just sql server security? If it is yes, is there any
>article that would give me some idea as to how to implement security in the
>present scenario. Thanks in advance.
 >> Stay informed about: Implementing security in Sql Access application 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Access to database through application only - I need to restrict my users to accessing the application to using Cognos only. Anyway I can get that done?

.NET Code Access Security fundamentals - "Using the CAS layer is a huge improvement over running extended stored procedures under default login credentials..." (SQL Server 2005 Unleashed, p 1332) Yes, this is wonderful, but in the context of my project, we would all be quite satis...

The server principal "dhtest" is not able to access the da.. - Hi, I am running into an issue that I really need resolved today. Simply put, I am getting the error: The server principal "dhtest" is not able to access the database "dhtest2" under the current security context. (Microsoft SQL Se...

Security Audit - I have problem with opening a SQL Server Logs. It takes over 5-10minutes to open the log file (Under Management->SQL Server Logs->Current). I have Audit level to log "ALL" due to SOX compliance. The errorlog files are about 19 megaby...

Integrated Security in the DMZ - I have a test web server in a domain. The IIS identity as a domain account. The website can access SQl Server (2005) using integrated security. I have a production web server in DMZ out side the domain. How can I setup the webserver to use integrated....
   Database Help (Home) -> Security All times are: Pacific Time (US & Canada)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]