|
|
You're in the
sql server dts
group:Seeking simple way to limit access to production server.
sql server dts:
The scenario is probably pretty common. There is a lot of new DTS package development work by a number of people at our location,
and others. The target for installation is a production server located elsewhere. Everyone here has access to the production server, to look at data, perhaps make schema changes, push DTS packages, etc. This access is allowed to help expidite the development process. The "rule" is that you are ONLY supposed to have SQL connection strings in DTS connection objects - AND - there is a standard of placing this string in Global Variables, for use in script. But it CAN happen, of course, that in the heat of the moment, someone can hard code a connection string into an ActiveX script. The test package could then run awry, and destroy important information on the production server. I am wondering if there might be some easy way to turn access to the production server off and on. It would need to be a quick easy thing to do. The production server is in a different domain, and we use NT authentication. From the development domain, where the change needs to be initiated, we do not have the adminstrative rights to change security settings on the production server. We are hoping there may be a solution to change access in our domain (perhaps without resorting to separate logons for the function).
Allan - This is definitely a shot-in-the-dark question. But I appreciate your considering it.
[quoted text, click to view] "Allan Mitchell" <allan@no-spam.sqldts.com> wrote in message news:OJJn6B15DHA.2412@TK2MSFTNGP11.phx.gbl... > If the packages are coming over from DEV then the Hard Coded strings should > be pointing to the DEV system no? Not necessarily. A package may have been written at, or placed into service at the production server. Then enhancement may be needed, so it is shipped down (or back) to us. We then "localized" it, but miss an inadvertent hard-code. [quoted text, click to view] > I presume that you set the Global Variable at Runtime and replace with the > values necessary for each environment. The "rule" is that you are ONLY supposed to have SQL connection strings in DTS connection objects - AND - there is a standard of placing this string in Global Variables, for use in script. But we are trying to protect against cockpit errors, where either someone fails or forgets, or the package (incorrectly) contains hard coded connect strings in ActiveX script. [quoted text, click to view] > You should really check each package as it comes through to you on the > production server, allowing DEV to push their packages through to LIVE with > no checking would not be my preferred way of doing things. Agreed, and I hope I presented this is the goal. But we are looking for a mechanism, which may or may not exist, that can help us provide a level of protection for errors - hence the question. [quoted text, click to view] > Turn access to the production server to whom or what? If we could temporarily make it so the developer can not connect to the production database, and only his sandbox database, from his workstation, that would pretty much accomplish it. Two functions like "dissallow this workstation to connect to this SQL Server", and antoher "allow connection again", which we could toggle from our side. [quoted text, click to view] > You could remove guest from MSDB. From the development domain, where the change needs to be initiated, we do not have the adminstrative rights to change security settings on the production server. [quoted text, click to view] > How are the packages being called? Currently developers are running from their workstations, in EM, and are SUPPOSED to be running against a sandbox development server we have locally. So they may be running a package, or a single task, etc. [quoted text, click to view] > Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) > www.allisonmitchell.com - Expert SQL Server Consultancy. > www.SQLDTS.com - The site for all your DTS needs. > I support PASS - the definitive, global community > for SQL Server professionals - http://www.sqlpass.org Allan - I really doubt there is a simple solution. But I thought I would ask in case someone had found a really nice way to deal with this. [quoted text, click to view] > "Lee Gillie" <ANTISPAMIFICATION_lee@odp.com> wrote in message > news:ODbxN205DHA.2072@TK2MSFTNGP11.phx.gbl... > > The scenario is probably pretty common. There is a lot of new DTS package > development work by a number of people at our location, > > and others. The target for installation is a production server located > elsewhere. Everyone here has access to the production server, > > to look at data, perhaps make schema changes, push DTS packages, etc. This > access is allowed to help expidite the development > > process. > > > > The "rule" is that you are ONLY supposed to have SQL connection strings in > DTS connection objects - AND - there is a standard of > > placing this string in Global Variables, for use in script. But it CAN > happen, of course, that in the heat of the moment, someone > > can hard code a connection string into an ActiveX script. The test package > could then run awry, and destroy important information on > > the production server. > > > > I am wondering if there might be some easy way to turn access to the > production server off and on. It would need to be a quick easy > > thing to do. The production server is in a different domain, and we use NT > authentication. From the development domain, where the > > change needs to be initiated, we do not have the adminstrative rights to > change security settings on the production server. We are > > hoping there may be a solution to change access in our domain (perhaps > without resorting to separate logons for the function).
If the packages are coming over from DEV then the Hard Coded strings should
be pointing to the DEV system no? I presume that you set the Global Variable at Runtime and replace with the values necessary for each environment. You should really check each package as it comes through to you on the production server, allowing DEV to push their packages through to LIVE with no checking would not be my preferred way of doing things. Turn access to the production server to whom or what? You could remove guest from MSDB. How are the packages being called? -- Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) www.allisonmitchell.com - Expert SQL Server Consultancy. www.SQLDTS.com - The site for all your DTS needs. I support PASS - the definitive, global community for SQL Server professionals - http://www.sqlpass.org [quoted text, click to view] "Lee Gillie" <ANTISPAMIFICATION_lee@odp.com> wrote in message news:ODbxN205DHA.2072@TK2MSFTNGP11.phx.gbl... > The scenario is probably pretty common. There is a lot of new DTS package development work by a number of people at our location, > and others. The target for installation is a production server located elsewhere. Everyone here has access to the production server, > to look at data, perhaps make schema changes, push DTS packages, etc. This access is allowed to help expidite the development > process. > > The "rule" is that you are ONLY supposed to have SQL connection strings in DTS connection objects - AND - there is a standard of > placing this string in Global Variables, for use in script. But it CAN happen, of course, that in the heat of the moment, someone > can hard code a connection string into an ActiveX script. The test package could then run awry, and destroy important information on > the production server. > > I am wondering if there might be some easy way to turn access to the production server off and on. It would need to be a quick easy > thing to do. The production server is in a different domain, and we use NT authentication. From the development domain, where the > change needs to be initiated, we do not have the adminstrative rights to change security settings on the production server. We are > hoping there may be a solution to change access in our domain (perhaps without resorting to separate logons for the function). > >
1. The only real way of knowing is to QA the package.
We implemented something sort of similar but in your case it may not work. We checked the name of the Server on which the package was executing. We then checked the name of the servers to which the packages wanted to connect. There were combinations that were allowed and the rest not. So a package executing on a production server would not be allowed to run against a Dev box and vice versa. From what I can see only you are only going to be able to change the packages and nothing more. I would look to add a flag to the package specifying "DEV", "PROD" and then check that against your connections. Do the Dev team execute the packages in LIVE and in DEV? If you cannot change anything on the SQL Server then you have to implement the workaround in the package. -- -- Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) www.allisonmitchell.com - Expert SQL Server Consultancy. www.SQLDTS.com - The site for all your DTS needs. I support PASS - the definitive, global community for SQL Server professionals - http://www.sqlpass.org [quoted text, click to view] "Lee Gillie" <ANTISPAMIFICATION_lee@odp.com> wrote in message news:O0m8D415DHA.2392@TK2MSFTNGP11.phx.gbl... > Allan - This is definitely a shot-in-the-dark question. But I appreciate your considering it. > > "Allan Mitchell" <allan@no-spam.sqldts.com> wrote in message news:OJJn6B15DHA.2412@TK2MSFTNGP11.phx.gbl... > > If the packages are coming over from DEV then the Hard Coded strings should > > be pointing to the DEV system no? > > Not necessarily. A package may have been written at, or placed into service at the production server. Then enhancement may be > needed, so it is shipped down (or back) to us. We then "localized" it, but miss an inadvertent hard-code. > > > I presume that you set the Global Variable at Runtime and replace with the > > values necessary for each environment. > > The "rule" is that you are ONLY supposed to have SQL connection strings in DTS connection objects - AND - there is a standard of > placing this string in Global Variables, for use in script. But we are trying to protect against cockpit errors, where either > someone fails or forgets, or the package (incorrectly) contains hard coded connect strings in ActiveX script. > > > You should really check each package as it comes through to you on the > > production server, allowing DEV to push their packages through to LIVE with > > no checking would not be my preferred way of doing things. > > Agreed, and I hope I presented this is the goal. But we are looking for a mechanism, which may or may not exist, that can help us > provide a level of protection for errors - hence the question. > > > Turn access to the production server to whom or what? > > If we could temporarily make it so the developer can not connect to the production database, and only his sandbox database, from his > workstation, that would pretty much accomplish it. Two functions like "dissallow this workstation to connect to this SQL Server", > and antoher "allow connection again", which we could toggle from our side. > > > You could remove guest from MSDB. > > From the development domain, where the change needs to be initiated, we do not have the adminstrative rights to change security > settings on the production server. > > > How are the packages being called? > > Currently developers are running from their workstations, in EM, and are SUPPOSED to be running against a sandbox development server > we have locally. So they may be running a package, or a single task, etc. > > > Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) > > www.allisonmitchell.com - Expert SQL Server Consultancy. > > www.SQLDTS.com - The site for all your DTS needs. > > I support PASS - the definitive, global community > > for SQL Server professionals - http://www.sqlpass.org > > Allan - I really doubt there is a simple solution. But I thought I would ask in case someone had found a really nice way to deal > with this. > > > "Lee Gillie" <ANTISPAMIFICATION_lee@odp.com> wrote in message > > news:ODbxN205DHA.2072@TK2MSFTNGP11.phx.gbl... > > > The scenario is probably pretty common. There is a lot of new DTS package > > development work by a number of people at our location, > > > and others. The target for installation is a production server located > > elsewhere. Everyone here has access to the production server, > > > to look at data, perhaps make schema changes, push DTS packages, etc. This > > access is allowed to help expidite the development > > > process. > > > > > > The "rule" is that you are ONLY supposed to have SQL connection strings in > > DTS connection objects - AND - there is a standard of > > > placing this string in Global Variables, for use in script. But it CAN > > happen, of course, that in the heat of the moment, someone > > > can hard code a connection string into an ActiveX script. The test package > > could then run awry, and destroy important information on > > > the production server. > > > > > > I am wondering if there might be some easy way to turn access to the > > production server off and on. It would need to be a quick easy > > > thing to do. The production server is in a different domain, and we use NT > > authentication. From the development domain, where the > > > change needs to be initiated, we do not have the adminstrative rights to > > change security settings on the production server. We are > > > hoping there may be a solution to change access in our domain (perhaps > > without resorting to separate logons for the function). > >
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
| home · blog · groups | Questions? Comments? Contact the dn |