Solved

how to secure SSISConfigurations table with ssis configuration details.    URGENT HELP REQUIRED!!!!!!!!!!!!!!

Posted on 2011-03-10
2
336 Views
Last Modified: 2012-06-27


Hi,

I want to assign  permissions to select, update and write (means all) SSISConfigurations table which contains ssis connection strings and connection passwords to only a user abc and sqlAgent login which would use it while running ssis package which is deployed to sql server.

Can you please tell me the process to secure this table so no one except the authorized user can open it or view it.

URGENT HELP REQUIRED!!!!!!!!!!!!!!!!

Thanks.
0
Comment
Question by:ezkhan
2 Comments
 
LVL 21

Accepted Solution

by:
huslayer earned 250 total points
ID: 35101895
Hello,
You can restrict users using ROLES, or you can on views and schemas.
so you can create views of the table and restrict access to them.

or create new schema for each user and create his table under it.

take a look at this website.
http://www.techrepublic.com/article/understanding-roles-in-sql-server-security/1061781

http://vyaskn.tripod.com/sql_server_security_best_practices.htm

http://beginner-sql-tutorial.com/sql-grant-revoke-privileges-roles.htm

http://www.sqlservercentral.com/Forums/Topic490100-359-1.aspx

Hope that helps
Jason

0
 
LVL 39

Assisted Solution

by:lcohan
lcohan earned 250 total points
ID: 35109614
You need to EXPLICITELY revoke ALL rights against that databse table for ALL users/roles in the sql database then grant select, update on SSISConfigurations to abc.
Exception to the rule would be any user in the sysadmin server role  on the SQL server.

Here's one script you can run against the DB - just put the object name at the end instead of 'clients'
to help you gett all permissions on that object then script to REVOKE all you want to restrict:

select
 sysusers.name as username, sysusers.gid,
 sysobjects.name as objectname, sysobjects.id,
 CASE WHEN sysprotects_1.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'SELECT',
 CASE WHEN sysprotects_2.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'INSERT',
 CASE WHEN sysprotects_3.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'UPDATE',
 CASE WHEN sysprotects_4.action is null THEN CASE WHEN sys.sysobjects.xtype = 'P' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'DELETE',
 CASE WHEN sysprotects_5.action is null THEN CASE WHEN sys.sysobjects.xtype = 'U' THEN 'N/A' ELSE 'No' END ELSE 'Yes' END as 'EXECUTE'
from
 sys.sysusers
 full join sys.sysobjects on ( sysobjects.xtype in ( 'P', 'U' ) and sysobjects.Name NOT LIKE 'dt%' )
 left join sys.sysprotects as sysprotects_1
  on sysprotects_1.uid = sysusers.uid and sysprotects_1.id = sysobjects.id and sysprotects_1.action = 193 and sysprotects_1.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_2
  on sysprotects_2.uid = sysusers.uid and sysprotects_2.id = sysobjects.id and sysprotects_2.action = 195 and sysprotects_2.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_3
  on sysprotects_3.uid = sysusers.uid and sysprotects_3.id = sysobjects.id and sysprotects_3.action = 197 and sysprotects_3.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_4
  on sysprotects_4.uid = sysusers.uid and sysprotects_4.id = sysobjects.id and sysprotects_4.action = 196 and sysprotects_4.protecttype in ( 204, 205 )
 left join sys.sysprotects as sysprotects_5
  on sysprotects_5.uid = sysusers.uid and sysprotects_5.id = sysobjects.id and sysprotects_5.action = 224 and sysprotects_5.protecttype in ( 204, 205 )
where -- sys.sysusers.name = 'beny'            -- by USER
            sysobjects.name = 'clients'      -- by OBJECT
order by
 sysusers.name, sysobjects.name

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

APEX (Application Express) is used to develop a web application from Oracle. SQL Workshop is one of the tools that comes with Oracle APEX to query or modify the database objects or to make any changes to the structure.
This article explains all about SQL Server Piecemeal Restore with examples in step by step manner.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now