March 31, 2008 at 9:03 pm
hi guys,
i've just wanted to make my "people.mdf " (one of my databases) ,password protected (in order to allow just authenticated connections)
i've searched this forum and also i have many books but fiyuuuvvvv:Whistling: what a complex thing ,server credentals ,logins, permissions etc. it's too complex,
isn't there a way of simply giving a username and a password to a database in sql server 2005 express,
any help will greatly appreciated, thanks.
April 2, 2008 at 6:23 am
Are you already pretty familiar with your way around Management Studio Express?
"Got no time for the jibba jabba!"
-B.A. Baracus
April 2, 2008 at 5:42 pm
yes i am using it for attach and detach processes, but i want to give a password to my mdf file (specific database not th sqlserver)
April 2, 2008 at 11:54 pm
Databases don't have passwords.
You give credentials at the server level and then set the rights those credentials have for each database.
It's not too hard a process using Object Explorer.
Create a login (either windows authentication or SQL authentication)
Select any server roles you want that login to have
Map that login to any databases you want it to have access to and select the database roles.
Could you maybe explain what you're trying to achieve?
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 3, 2008 at 12:44 am
First of all thanks for your answer,
for my engineering stuff my columns and the relations between them, are a solution of a very difficult problem (if any body see how i accomodate the elements in the column,that person understands the solution) so i need to hide my columns or tables structure (i could hide my stored procedures with "with encrypt" notation) may be i hoped there may be a way of hiding the table or columns or the database itself from anyone who has an enterprise manager or sql server management studio 🙁
April 3, 2008 at 12:54 am
Secure your server. Make sure no one has enough rights to log on, stop the SQL instance and copy the files off.
Make sure your backups are somewhere secure (ie, can't be misplaced or stolen)
When you create users in the database, don't give them rights to the base tables (no db_owner, db_datareader, db_datawriter)
Do all your data access through views or stored procedures, and only give the users rights to those. In sQL 2005, if a user doesn't have any rights on an object, the cannot see it or its definition.
Oh, and regarding the WITH ENCRYPT option on procs and views - it's not unbreakable. There are a number of tools available to decrypt procedures (and that's not including SQL Profiler). Last time I had a DB with an encrypted proc, it took me less than 5 min to decypt them.
If you're that concerned with someone stealing your solution, apply to the patent office. If it is that original and that important (assuming you'r in the USA or another country with a similar patent process)
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 3, 2008 at 1:55 am
thanks for your kindly answers,
at least you gave me a start point and gave me a lot to think about "with encrypt"
unfortunately, i am not in u.s.a and only really really big companies can have copyrights for their products because a copyrihgt or a patent pending costs a very large amount in my country i can't even dare to try (even the copyright laws are not completely obvious here),
thank you so much 🙂
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply