Solved

how to secure SSISConfigurations table with ssis configuration details.    URGENT HELP REQUIRED!!!!!!!!!!!!!!

Posted on 2011-03-10
2
343 Views
Last Modified: 2012-06-27


Hi,

I want to assign  permissions to select, update and write (means all) SSISConfigurations table which contains ssis connection strings and connection passwords to only a user abc and sqlAgent login which would use it while running ssis package which is deployed to sql server.

Can you please tell me the process to secure this table so no one except the authorized user can open it or view it.

URGENT HELP REQUIRED!!!!!!!!!!!!!!!!

Thanks.
0
Comment
Question by:ezkhan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 21

Accepted Solution

by:
Jason Yousef, MS earned 250 total points
ID: 35101895
Hello,
You can restrict users using ROLES, or you can on views and schemas.
so you can create views of the table and restrict access to them.

or create new schema for each user and create his table under it.

take a look at this website.
http://www.techrepublic.com/article/understanding-roles-in-sql-server-security/1061781

http://vyaskn.tripod.com/sql_server_security_best_practices.htm

http://beginner-sql-tutorial.com/sql-grant-revoke-privileges-roles.htm

http://www.sqlservercentral.com/Forums/Topic490100-359-1.aspx

Hope that helps
Jason

0
 
LVL 40

Assisted Solution

by:lcohan
lcohan earned 250 total points
ID: 35109614
You need to EXPLICITELY revoke ALL rights against that databse table for ALL users/roles in the sql database then grant select, update on SSISConfigurations to abc.
Exception to the rule would be any user in the sysadmin server role  on the SQL server.

Here's one script you can run against the DB - just put the object name at the end instead of 'clients'
to help you gett all permissions on that object then script to REVOKE all you want to restrict:

select
 sysusers.name as username, sysusers.gid,
 sysobjects.name as objectname, sysobjects.id,
 CASE WHEN sysprotects_1.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'SELECT',
 CASE WHEN sysprotects_2.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'INSERT',
 CASE WHEN sysprotects_3.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'UPDATE',
 CASE WHEN sysprotects_4.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'DELETE',
 CASE WHEN sysprotects_5.action is null THEN CASE WHEN sys.sysobjects.xtype = 'U' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'EXECUTE'
from
 sys.sysusers
 full join sys.sysobjects on ( sysobjects.xtype in ( 'P', 'U' ) and sysobjects.Name NOT LIKE 'dt%' )
 left join sys.sysprotects as sysprotects_1
  on sysprotects_1.uid = sysusers.uid and sysprotects_1.id = sysobjects.id and sysprotects_1.action = 193 and sysprotects_1.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_2
  on sysprotects_2.uid = sysusers.uid and sysprotects_2.id = sysobjects.id and sysprotects_2.action = 195 and sysprotects_2.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_3
  on sysprotects_3.uid = sysusers.uid and sysprotects_3.id = sysobjects.id and sysprotects_3.action = 197 and sysprotects_3.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_4
  on sysprotects_4.uid = sysusers.uid and sysprotects_4.id = sysobjects.id and sysprotects_4.action = 196 and sysprotects_4.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_5
  on sysprotects_5.uid = sysusers.uid and sysprotects_5.id = sysobjects.id and sysprotects_5.action = 224 and sysprotects_5.protecttype in ( 204, 205 )
where -- sys.sysusers.name = 'beny'            -- by USER
            sysobjects.name = 'clients'      -- by OBJECT
order by
 sysusers.name, sysobjects.name

0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating and Managing Databases with phpMyAdmin in cPanel.
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question