July 11, 2007 at 9:03 pm
They also allow user name and password in clear text... a security risk, for sure.
--Jeff Moden
Change is inevitable... Change for the better is not.
July 11, 2007 at 11:13 pm
No - there is no firewall. All of the SQL Servers involved are within the private network/same domain.
Does anyone have any experience with using the opendatasource MS SQL function who might be able to shed some light on what these errors are and why the opendatasource statement works on some servers and not others?
July 12, 2007 at 6:17 am
A couple of other suggestions:
1. Can you please take a look at master..sysservers and check whether there are any entries there for the two servers that are behaving differently? Specifically, I would look to check if there are any differences in the communication settings options (RPC-IN, OUT, etc.).
The reason is- OPENDATASOURCE is RPC based. Linked-servers use additional communication features. It is possible that old config values in sysservers are making the central server treat the two remote servers differently.
2. You mentioned that the connection was killed immediately. Can you look at the prioritization (spelling?) for killing remote connections? [don't remember where the config is. I'll have to look it up and repost], Also, if you run sp_configure (with advanced options turned on) on both remote machines - can you please let us know whether there are any differences in the config values? (the run-values, I mean).
3. You are casting the SERVERNAME as VARCHAR(255) - is it possible that one remote server has a unicode or internationalized character in its name and the other does not?
4. Can you try to use the OPENDATASOURCE command from another server to the one that posted the connection issues? Does that work?
5. Are there any other differences between the two servers? e.g., is it possible that the problematic server is a named instance on a custom port and the one that works uses standard ports? Are there any such and other communication related differences?
July 12, 2007 at 6:24 am
No... wasn't talking about external security... it's an internal security risk that would fail a PCI audit.
--Jeff Moden
Change is inevitable... Change for the better is not.
July 12, 2007 at 6:33 am
Or any other audit for that matter OPENDATASOURCE and all other OPEN commands use clear text passwords...
July 12, 2007 at 8:05 am
Can you confirm that you can "READ" *AND* not "WRITE" ?
* Noel
July 12, 2007 at 8:12 am
The SQL login being used for the opendatasoucre is secured to a single database, single table w/insert, update and select permissions on the table.
So... I've been able to select and update from several servers. The servers that fail the opendatasource fial for both SELECT and UPDATE.
July 12, 2007 at 8:51 am
July 12, 2007 at 9:03 am
I check the Disallowadhocaccess (see previous post). It is set to 0.
==========================
I've decided to abandon the use of opendatasource, opendataset, openquery....
There's simply too much variability and risk. I'm converting the code over to use dynamically created linked servers (hopfully this won't present a problem).
==========================
Thanks for all of the post and valueable input. As always... I learn a great deal from the expertise on this site.
Glenn
July 12, 2007 at 9:45 am
Linked server is the best option
July 12, 2007 at 9:54 am
July 12, 2007 at 10:48 am
OK - under the category of: nothing is ever easy...
I'm trying to create a dynamic linked server from within the Stored Procedure that will be using the linked server.
Unfortunately it appears that I can't create the linked server in this way (I've even tried to break out the creation of the LKS into a separate stored procedure and makeing a nested call. The error message I get when I try to execute the creation of the "worker" stored procedure is:
Could not find server 'xyz' in sysservers. Execute sp_addlinkedserver to add the server to sysservers.
When I execute the same stored procedure (to create the LKS) as a simple query - everything work fine.
The only thing that I can think of is to add a separate job step to create the LKS.
Any suggestions???
Thanks
Glenn
July 12, 2007 at 11:12 am
DOH....
The answer to my rather stupid question is to use dynamic SQL which will delay the need for the linked server resource until runtime.
Thanks all!!!
Glenn
July 12, 2007 at 1:33 pm
July 12, 2007 at 2:00 pm
I've got 40+ SQL Servers and I want to make the distribution of the the stored procedures encapsulated and portable - therefore the dynamic linkserver creation/drop.
The central natrue of the requirement is to provide read/write access to a central DB table from which the SPs will derive their parameters and be able to update runtime information.
Glenn
Viewing 15 posts - 16 through 30 (of 38 total)
You must be logged in to reply to this topic. Login to reply