?
Solved

How do I find and/or grant permissions to a SQL encryption key for a specific user?

Posted on 2014-03-20
5
Medium Priority
?
1,090 Views
Last Modified: 2014-03-26
First, I am working with a database I did not setup let alone encrypt.  I'm just in charge of creating some stored procs and getting them accessible to a SQL account user.

I can run the stored procs within SSMS but when I try to reach them through a web service I have created to serve up the data I get this error...

"Cannot find the symmetric key 'SKEY_DataEncryption', because it does not exist or you do not have permission."

How do I find the key? (Do I even need to find it...?)
How do I grant the necessary permissions to my web service designated user account within SQL Server 2008?

Thanks!
0
Comment
Question by:Bruce
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 40

Accepted Solution

by:
lcohan earned 2000 total points
ID: 39943250
GRANT permission:

http://technet.microsoft.com/en-us/library/ms179887(v=sql.100).aspx
<<
GRANT CONTROL
ON CERTIFICATE :: certificate_name
TO username
>>

Find permissions at server level:

-- server logins and their server level permissions:
            SELECT SP1.[name] AS 'Login', 'Role: ' + SP2.[name] COLLATE DATABASE_DEFAULT AS 'ServerPermission'
            FROM sys.server_principals SP1
              JOIN sys.server_role_members SRM ON SP1.principal_id = SRM.member_principal_id
              JOIN sys.server_principals SP2 ON SRM.role_principal_id = SP2.principal_id
            UNION
            SELECT distinct SP.[name] AS 'Login' , 'Permissions: ' + SPerm.state_desc + ' ' + SPerm.permission_name COLLATE DATABASE_DEFAULT AS 'ServerPermission'  FROM sys.server_principals SP  
            JOIN sys.server_permissions SPerm  ON SP.principal_id = SPerm.grantee_principal_id  
            ORDER BY [Login], [ServerPermission] desc;
0
 
LVL 1

Author Comment

by:Bruce
ID: 39943367
I ran the GRANT command and received a success message but am still getting the same error

"Cannot find the symmetric key 'SKEY_DataEncryption', because it does not exist or you do not have permission."
0
 
LVL 40

Expert Comment

by:lcohan
ID: 39943398
" but am still getting the same error"

When/Where are you getting the error and what SQL Login are you using when you get the error? Same like you just granted permissions as per above?
0
 
LVL 1

Assisted Solution

by:Bruce
Bruce earned 0 total points
ID: 39945349
I was able to get this working by granting control to both the certificate and the symmetric key.  Not sure why but it works now...

GRANT CONTROL
ON CERTIFICATE :: CERT_KeyAccess
TO AgentApplication

GRANT CONTROL
ON SYMMETRIC KEY :: SKEY_DataEncryption
TO AgentApplication
0
 
LVL 1

Author Closing Comment

by:Bruce
ID: 39955478
I added an additional SQL statement that completed the explanation of the solution to the issue I was asking about...
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
Viewers will learn how the fundamental information of how to create a table.
Viewers will learn how to use the SELECT statement in SQL and will be exposed to the many uses the SELECT statement has.
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question