hi again
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
atte,
Hernn Castelo
SGA - UTN - FRBA
Depends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>
|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernn Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they[vbcol=seagreen]
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernn Castelo" wrote:
|||Everyone can see the source code, I'm afraid. Closest you can come is creating the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt...).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernn Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernn Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> no
> they
>
Showing posts with label rest. Show all posts
Showing posts with label rest. Show all posts
Sunday, March 25, 2012
do i need to deny everything i don't use ?
hi again
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
atte,
Hernn Castelo
SGA - UTN - FRBADepends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernn Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they[vbcol=seagreen]
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernn Castelo" wrote:
>|||Everyone can see the source code, I'm afraid. Closest you can come is creati
ng the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt.
.).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernn Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernn Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> no
> they
>
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
atte,
Hernn Castelo
SGA - UTN - FRBADepends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernn Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they[vbcol=seagreen]
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernn Castelo" wrote:
>|||Everyone can see the source code, I'm afraid. Closest you can come is creati
ng the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt.
.).
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernn Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernn Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribi en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> no
> they
>
do i need to deny everything i don't use ?
hi again
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBADepends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernán Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernán Castelo" wrote:
> > hi again
> > i have an account with its password
> > with specific permissions,
> > i have to deny, then, the access
> > to the rest of the objects ?
> > i.e. systems stored proc, tables , etc ?
> >
> > thanks
> >
> >
> > --
> > atte,
> > Hernán Castelo
> > SGA - UTN - FRBA
> >
> >
> >|||Everyone can see the source code, I'm afraid. Closest you can come is creating the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt...).
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernán Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> > Depends what you want.
> > The user will only have access to those objects it is granted so there is
> no
> > need to deny.
> > But if the user is then added to a role which has other permissions (or
> they
> > are given to public) it will gain them.
> > If this is not what you want then you should deny permissions as well.
> >
> > I usually only deny dbwriter to read only accounts and leave the rest to
> > gain from granted permissions
> >
> > "Hernán Castelo" wrote:
> >
> > > hi again
> > > i have an account with its password
> > > with specific permissions,
> > > i have to deny, then, the access
> > > to the rest of the objects ?
> > > i.e. systems stored proc, tables , etc ?
> > >
> > > thanks
> > >
> > >
> > > --
> > > atte,
> > > Hernán Castelo
> > > SGA - UTN - FRBA
> > >
> > >
> > >
>
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBADepends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernán Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernán Castelo" wrote:
> > hi again
> > i have an account with its password
> > with specific permissions,
> > i have to deny, then, the access
> > to the rest of the objects ?
> > i.e. systems stored proc, tables , etc ?
> >
> > thanks
> >
> >
> > --
> > atte,
> > Hernán Castelo
> > SGA - UTN - FRBA
> >
> >
> >|||Everyone can see the source code, I'm afraid. Closest you can come is creating the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt...).
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernán Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> > Depends what you want.
> > The user will only have access to those objects it is granted so there is
> no
> > need to deny.
> > But if the user is then added to a role which has other permissions (or
> they
> > are given to public) it will gain them.
> > If this is not what you want then you should deny permissions as well.
> >
> > I usually only deny dbwriter to read only accounts and leave the rest to
> > gain from granted permissions
> >
> > "Hernán Castelo" wrote:
> >
> > > hi again
> > > i have an account with its password
> > > with specific permissions,
> > > i have to deny, then, the access
> > > to the rest of the objects ?
> > > i.e. systems stored proc, tables , etc ?
> > >
> > > thanks
> > >
> > >
> > > --
> > > atte,
> > > Hernán Castelo
> > > SGA - UTN - FRBA
> > >
> > >
> > >
>
Friday, March 9, 2012
Dividing the group in sections
I have a group with 3 distinct field values. I'm only interested in
seeing the specific details for one of them and lump the rest into the
"Others" category and viewing the same details but for that category as
a whole.
This is done in Crystal Reports in the Change Group Options dialog. Is
there something comparable to that in SSRS?
Thank you in advance for any assistance.I believe you can do such grouping with Reporting Services, but it may
be better to modify your data source so that you have an additional
field returned, one where the value is either the field value that you
are interested in or the word 'Other' for all other values.
In SQL Server you can do this by including a CASE statement for that
field within the overall SELECT statement.
This may run faster on the server side, as well, and it simplifies
report design.
I try to do as much as possible on the server side, so that report
design and layout are as simple as possible.
tantilis wrote:
> I have a group with 3 distinct field values. I'm only interested in
> seeing the specific details for one of them and lump the rest into the
> "Others" category and viewing the same details but for that category as
> a whole.
> This is done in Crystal Reports in the Change Group Options dialog. Is
> there something comparable to that in SSRS?
> Thank you in advance for any assistance.|||Thank you for your reply and your solution is practical however I don't
have that kind of access to the server. It's a constraint of this
project that I must replicate the Crystal report without manipulating
any stored procedures.
Parker wrote:
> I believe you can do such grouping with Reporting Services, but it may
> be better to modify your data source so that you have an additional
> field returned, one where the value is either the field value that you
> are interested in or the word 'Other' for all other values.
> In SQL Server you can do this by including a CASE statement for that
> field within the overall SELECT statement.
> This may run faster on the server side, as well, and it simplifies
> report design.
> I try to do as much as possible on the server side, so that report
> design and layout are as simple as possible.
> tantilis wrote:
> > I have a group with 3 distinct field values. I'm only interested in
> > seeing the specific details for one of them and lump the rest into the
> > "Others" category and viewing the same details but for that category as
> > a whole.
> >
> > This is done in Crystal Reports in the Change Group Options dialog. Is
> > there something comparable to that in SSRS?
> >
> > Thank you in advance for any assistance.|||i remember a report where i had to break up a group each time the last
two digits of a certain field hit either 49 or 99. the way i wound up
doing it was to add a second expression, in addition to the primary
condition, to the group expression. you might play around with this
possibility?|||I think I may have worked it out doing just that. I've changed my
primary grouping expression to look like this:
=iif(Fields!Some_Value.Value ="SomeString",Fields!Some_Value.Value,nothing)
It seems a bit counter-intuitive but in a dozen tests so far I'm seeing
values I'm expecting to see in the "Others" category.
What the report would do under this condition is first, present the
group of everything for which SomeString was true using SomeString in
the group header. The report would then present the rest of the data
in a single group while displaying only the first value of Some_Value
in alphabetic order. Just used an expression at that point to replace
every Some_Value.Value to "Others" where it wasn't SomeString.
kjward wrote:
> i remember a report where i had to break up a group each time the last
> two digits of a certain field hit either 49 or 99. the way i wound up
> doing it was to add a second expression, in addition to the primary
> condition, to the group expression. you might play around with this
> possibility?
seeing the specific details for one of them and lump the rest into the
"Others" category and viewing the same details but for that category as
a whole.
This is done in Crystal Reports in the Change Group Options dialog. Is
there something comparable to that in SSRS?
Thank you in advance for any assistance.I believe you can do such grouping with Reporting Services, but it may
be better to modify your data source so that you have an additional
field returned, one where the value is either the field value that you
are interested in or the word 'Other' for all other values.
In SQL Server you can do this by including a CASE statement for that
field within the overall SELECT statement.
This may run faster on the server side, as well, and it simplifies
report design.
I try to do as much as possible on the server side, so that report
design and layout are as simple as possible.
tantilis wrote:
> I have a group with 3 distinct field values. I'm only interested in
> seeing the specific details for one of them and lump the rest into the
> "Others" category and viewing the same details but for that category as
> a whole.
> This is done in Crystal Reports in the Change Group Options dialog. Is
> there something comparable to that in SSRS?
> Thank you in advance for any assistance.|||Thank you for your reply and your solution is practical however I don't
have that kind of access to the server. It's a constraint of this
project that I must replicate the Crystal report without manipulating
any stored procedures.
Parker wrote:
> I believe you can do such grouping with Reporting Services, but it may
> be better to modify your data source so that you have an additional
> field returned, one where the value is either the field value that you
> are interested in or the word 'Other' for all other values.
> In SQL Server you can do this by including a CASE statement for that
> field within the overall SELECT statement.
> This may run faster on the server side, as well, and it simplifies
> report design.
> I try to do as much as possible on the server side, so that report
> design and layout are as simple as possible.
> tantilis wrote:
> > I have a group with 3 distinct field values. I'm only interested in
> > seeing the specific details for one of them and lump the rest into the
> > "Others" category and viewing the same details but for that category as
> > a whole.
> >
> > This is done in Crystal Reports in the Change Group Options dialog. Is
> > there something comparable to that in SSRS?
> >
> > Thank you in advance for any assistance.|||i remember a report where i had to break up a group each time the last
two digits of a certain field hit either 49 or 99. the way i wound up
doing it was to add a second expression, in addition to the primary
condition, to the group expression. you might play around with this
possibility?|||I think I may have worked it out doing just that. I've changed my
primary grouping expression to look like this:
=iif(Fields!Some_Value.Value ="SomeString",Fields!Some_Value.Value,nothing)
It seems a bit counter-intuitive but in a dozen tests so far I'm seeing
values I'm expecting to see in the "Others" category.
What the report would do under this condition is first, present the
group of everything for which SomeString was true using SomeString in
the group header. The report would then present the rest of the data
in a single group while displaying only the first value of Some_Value
in alphabetic order. Just used an expression at that point to replace
every Some_Value.Value to "Others" where it wasn't SomeString.
kjward wrote:
> i remember a report where i had to break up a group each time the last
> two digits of a certain field hit either 49 or 99. the way i wound up
> doing it was to add a second expression, in addition to the primary
> condition, to the group expression. you might play around with this
> possibility?
Subscribe to:
Posts (Atom)