We have a situation where we are going to have our IIS server with two NIC
cards. One for the internet and one for the intranet. We are planning to have
our SQL Server connected to the IIS server via the intranet.
My question is... if a user on the internet requests a report and we render
it programmatically via visual basic/visual C# (Using a reporting services
object in ASP) on the web will they have access to the report even though
they do not have direct access to the SQL Reporting Services server? Will I
be able to take what is returned to that object and display it on the
Intranet?
TIA,
PatrickYes. You can use the Response.BinaryWrite() method to direct the report
content to a webform or ASP page. There are limitations, however, with
images and interactive report features when using this approach.
"Patrick Allmond" <PatrickAllmond@.discussions.microsoft.com> wrote in
message news:EDC55557-ECE5-4F21-B07B-583896BDE7D5@.microsoft.com...
> We have a situation where we are going to have our IIS server with two NIC
> cards. One for the internet and one for the intranet. We are planning to
> have
> our SQL Server connected to the IIS server via the intranet.
> My question is... if a user on the internet requests a report and we
> render
> it programmatically via visual basic/visual C# (Using a reporting services
> object in ASP) on the web will they have access to the report even though
> they do not have direct access to the SQL Reporting Services server? Will
> I
> be able to take what is returned to that object and display it on the
> Intranet?
> TIA,
> Patrick
>
Showing posts with label internet. Show all posts
Showing posts with label internet. Show all posts
Friday, February 24, 2012
Sunday, February 19, 2012
Internet-Provider for MSDE-Datebase?
Hi all,
does someone know an Internet Provider for MSDE database?
Regards
Leonid Pavlovhttp://oneandone.co.uk
do MSDE
Simon
Internet URL Access
I am creating a web appliction to access Reporting Service, but I got some
problem
1. User loges on web application via Forms Authentication
2. User types in report parameters.
3. Program gets all parameters, then call Reporting Server URL to get report.
It works fine with intranet, but it doesn't work with internet, because the
reporting service uses Windows Authentication. I don't want allow Anonymous
access Reporing service.
What should I do?Can you use the RS web service to render your reports? The user can log
into your app as normal, and in your code, you supply credentials (that will
authenticate) to the RS web service and return the report as PDF, etc.
Or you can set the RS up to use Forms Authentication and have your users go
directly there:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql2k/html/ufairs.asp
--
Adrian M.
MCP
"pepcag" <pepcag@.discussions.microsoft.com> wrote in message
news:6F030717-3E37-40D2-B5D4-3AF49338DF27@.microsoft.com...
>I am creating a web appliction to access Reporting Service, but I got some
> problem
> 1. User loges on web application via Forms Authentication
> 2. User types in report parameters.
> 3. Program gets all parameters, then call Reporting Server URL to get
> report.
> It works fine with intranet, but it doesn't work with internet, because
> the
> reporting service uses Windows Authentication. I don't want allow
> Anonymous
> access Reporing service.
> What should I do?
problem
1. User loges on web application via Forms Authentication
2. User types in report parameters.
3. Program gets all parameters, then call Reporting Server URL to get report.
It works fine with intranet, but it doesn't work with internet, because the
reporting service uses Windows Authentication. I don't want allow Anonymous
access Reporing service.
What should I do?Can you use the RS web service to render your reports? The user can log
into your app as normal, and in your code, you supply credentials (that will
authenticate) to the RS web service and return the report as PDF, etc.
Or you can set the RS up to use Forms Authentication and have your users go
directly there:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql2k/html/ufairs.asp
--
Adrian M.
MCP
"pepcag" <pepcag@.discussions.microsoft.com> wrote in message
news:6F030717-3E37-40D2-B5D4-3AF49338DF27@.microsoft.com...
>I am creating a web appliction to access Reporting Service, but I got some
> problem
> 1. User loges on web application via Forms Authentication
> 2. User types in report parameters.
> 3. Program gets all parameters, then call Reporting Server URL to get
> report.
> It works fine with intranet, but it doesn't work with internet, because
> the
> reporting service uses Windows Authentication. I don't want allow
> Anonymous
> access Reporing service.
> What should I do?
Internet reporting
I've recently set up SQL Server 2005 and have implemented Report Services /
Report Manager for users to be able to view reports via our intranet. Many
of the users are remote users, from time to time, and I would like for these
users to see the same reports from the Internet (preferrably being able to
use their same Windows Auth login). Our SQL Server is a separate machine
from our web server, and the current Report Services and Manager is set up on
the SQL Server. Can I set up the Report Manager on either the SQL Server,
web server, or both for users to be able to view reports from both the
intranet and Internet? If so, how? I'd also prefer this to be seamless, so
that the user doesn't know the difference between intranet and Internet
reports (if their is a difference).I suggest you go through this first in your online books
search for "Configuring a Report Server for Internet Access" I think your
problem will be solved after going through this.
Amarnath
"Kat" wrote:
> I've recently set up SQL Server 2005 and have implemented Report Services /
> Report Manager for users to be able to view reports via our intranet. Many
> of the users are remote users, from time to time, and I would like for these
> users to see the same reports from the Internet (preferrably being able to
> use their same Windows Auth login). Our SQL Server is a separate machine
> from our web server, and the current Report Services and Manager is set up on
> the SQL Server. Can I set up the Report Manager on either the SQL Server,
> web server, or both for users to be able to view reports from both the
> intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> that the user doesn't know the difference between intranet and Internet
> reports (if their is a difference).|||Thank you for the suggestion. I've already read this books-online entry, and
many others as well. They did not answer my question and that's why I came
to the newsgroup.
"Amarnath" wrote:
> I suggest you go through this first in your online books
> search for "Configuring a Report Server for Internet Access" I think your
> problem will be solved after going through this.
> Amarnath
>
> "Kat" wrote:
> > I've recently set up SQL Server 2005 and have implemented Report Services /
> > Report Manager for users to be able to view reports via our intranet. Many
> > of the users are remote users, from time to time, and I would like for these
> > users to see the same reports from the Internet (preferrably being able to
> > use their same Windows Auth login). Our SQL Server is a separate machine
> > from our web server, and the current Report Services and Manager is set up on
> > the SQL Server. Can I set up the Report Manager on either the SQL Server,
> > web server, or both for users to be able to view reports from both the
> > intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> > that the user doesn't know the difference between intranet and Internet
> > reports (if their is a difference).|||Is there no one else that can offer some insight to my questions?
"Kat" wrote:
> I've recently set up SQL Server 2005 and have implemented Report Services /
> Report Manager for users to be able to view reports via our intranet. Many
> of the users are remote users, from time to time, and I would like for these
> users to see the same reports from the Internet (preferrably being able to
> use their same Windows Auth login). Our SQL Server is a separate machine
> from our web server, and the current Report Services and Manager is set up on
> the SQL Server. Can I set up the Report Manager on either the SQL Server,
> web server, or both for users to be able to view reports from both the
> intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> that the user doesn't know the difference between intranet and Internet
> reports (if their is a difference).
Report Manager for users to be able to view reports via our intranet. Many
of the users are remote users, from time to time, and I would like for these
users to see the same reports from the Internet (preferrably being able to
use their same Windows Auth login). Our SQL Server is a separate machine
from our web server, and the current Report Services and Manager is set up on
the SQL Server. Can I set up the Report Manager on either the SQL Server,
web server, or both for users to be able to view reports from both the
intranet and Internet? If so, how? I'd also prefer this to be seamless, so
that the user doesn't know the difference between intranet and Internet
reports (if their is a difference).I suggest you go through this first in your online books
search for "Configuring a Report Server for Internet Access" I think your
problem will be solved after going through this.
Amarnath
"Kat" wrote:
> I've recently set up SQL Server 2005 and have implemented Report Services /
> Report Manager for users to be able to view reports via our intranet. Many
> of the users are remote users, from time to time, and I would like for these
> users to see the same reports from the Internet (preferrably being able to
> use their same Windows Auth login). Our SQL Server is a separate machine
> from our web server, and the current Report Services and Manager is set up on
> the SQL Server. Can I set up the Report Manager on either the SQL Server,
> web server, or both for users to be able to view reports from both the
> intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> that the user doesn't know the difference between intranet and Internet
> reports (if their is a difference).|||Thank you for the suggestion. I've already read this books-online entry, and
many others as well. They did not answer my question and that's why I came
to the newsgroup.
"Amarnath" wrote:
> I suggest you go through this first in your online books
> search for "Configuring a Report Server for Internet Access" I think your
> problem will be solved after going through this.
> Amarnath
>
> "Kat" wrote:
> > I've recently set up SQL Server 2005 and have implemented Report Services /
> > Report Manager for users to be able to view reports via our intranet. Many
> > of the users are remote users, from time to time, and I would like for these
> > users to see the same reports from the Internet (preferrably being able to
> > use their same Windows Auth login). Our SQL Server is a separate machine
> > from our web server, and the current Report Services and Manager is set up on
> > the SQL Server. Can I set up the Report Manager on either the SQL Server,
> > web server, or both for users to be able to view reports from both the
> > intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> > that the user doesn't know the difference between intranet and Internet
> > reports (if their is a difference).|||Is there no one else that can offer some insight to my questions?
"Kat" wrote:
> I've recently set up SQL Server 2005 and have implemented Report Services /
> Report Manager for users to be able to view reports via our intranet. Many
> of the users are remote users, from time to time, and I would like for these
> users to see the same reports from the Internet (preferrably being able to
> use their same Windows Auth login). Our SQL Server is a separate machine
> from our web server, and the current Report Services and Manager is set up on
> the SQL Server. Can I set up the Report Manager on either the SQL Server,
> web server, or both for users to be able to view reports from both the
> intranet and Internet? If so, how? I'd also prefer this to be seamless, so
> that the user doesn't know the difference between intranet and Internet
> reports (if their is a difference).
Internet Replication
I am attempting to setup a publication where I'm replicating date between 2
sql 2000 servers via the internet. The snapshots are configured to be written
to ftp to be downloaded by the untrusted subscribers via ftp. I'm having
troubles with not having access to the distributor, this wasnt an issue until
I restricted access to RPC on the firewall seperating the
distributor/publication and the subscriber. The subscribers get the error
'the process could not connect to Distributor <SERVER>'
Is there a way to give access the distributor via ftp (or some other way)
and how is this done?
Do particular types of replication require access to the distributor (can I
get away with no distributor access)?
If I setup up an updating subscription, what is the best way to achieve an
updating subscription over the internet without a vpn?
Any help would be greatly appreciated.
-James
Nobody can help?
"James" wrote:
> I am attempting to setup a publication where I'm replicating date between 2
> sql 2000 servers via the internet. The snapshots are configured to be written
> to ftp to be downloaded by the untrusted subscribers via ftp. I'm having
> troubles with not having access to the distributor, this wasnt an issue until
> I restricted access to RPC on the firewall seperating the
> distributor/publication and the subscriber. The subscribers get the error
> 'the process could not connect to Distributor <SERVER>'
> Is there a way to give access the distributor via ftp (or some other way)
> and how is this done?
> Do particular types of replication require access to the distributor (can I
> get away with no distributor access)?
> If I setup up an updating subscription, what is the best way to achieve an
> updating subscription over the internet without a vpn?
> Any help would be greatly appreciated.
> -James
sql 2000 servers via the internet. The snapshots are configured to be written
to ftp to be downloaded by the untrusted subscribers via ftp. I'm having
troubles with not having access to the distributor, this wasnt an issue until
I restricted access to RPC on the firewall seperating the
distributor/publication and the subscriber. The subscribers get the error
'the process could not connect to Distributor <SERVER>'
Is there a way to give access the distributor via ftp (or some other way)
and how is this done?
Do particular types of replication require access to the distributor (can I
get away with no distributor access)?
If I setup up an updating subscription, what is the best way to achieve an
updating subscription over the internet without a vpn?
Any help would be greatly appreciated.
-James
Nobody can help?
"James" wrote:
> I am attempting to setup a publication where I'm replicating date between 2
> sql 2000 servers via the internet. The snapshots are configured to be written
> to ftp to be downloaded by the untrusted subscribers via ftp. I'm having
> troubles with not having access to the distributor, this wasnt an issue until
> I restricted access to RPC on the firewall seperating the
> distributor/publication and the subscriber. The subscribers get the error
> 'the process could not connect to Distributor <SERVER>'
> Is there a way to give access the distributor via ftp (or some other way)
> and how is this done?
> Do particular types of replication require access to the distributor (can I
> get away with no distributor access)?
> If I setup up an updating subscription, what is the best way to achieve an
> updating subscription over the internet without a vpn?
> Any help would be greatly appreciated.
> -James
Internet password attacks
I have opened port 1433 on our firewall to allow employees to access our SQL
server database and immediately we have received aggressive password attacks
,
mostly against the 'sa' user id. The 'sa' passoword is strong, but I'm
annoyed with the attacks that make my log files huge and cause unncessary
hits to the server.
Is there a way to configure SQL Server to force a delay between login
attempts or to temporarily lockout a user out as can be done with Windows
Server?
Many Thanks!Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
port monitor to get the IP numbers then block them with a firewall or use
IPsec to block the IP numbers. It is a never ending job as new drones will
be attacking every day.
Microsoft's reply is that you shouldn't be doing this. Of course, they will
be glad to sell you a copy of SQL Server 2005 that does fix this (non)
problem.
With a strong password, the attackers will never be successful, but they can
eat up a lot of bandwidth trying.
Russ Stevens|||So you can confirm SQL 2005 does address this issue? Do you have details on
how?
I have port 1433 and 1434 open also going thru a Virtual IP, so far no
attacks.
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:um$43caqFHA.3524@.tk2msftngp13.phx.gbl...
> Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
> port monitor to get the IP numbers then block them with a firewall or use
> IPsec to block the IP numbers. It is a never ending job as new drones will
> be attacking every day.
> Microsoft's reply is that you shouldn't be doing this. Of course, they
> will be glad to sell you a copy of SQL Server 2005 that does fix this
> (non) problem.
> With a strong password, the attackers will never be successful, but they
> can eat up a lot of bandwidth trying.
> Russ Stevens
>|||Rob,
<<So you can confirm SQL 2005 does address this issue? Do you have details
on
how?>>
SQL 2005 uses the normal Windows 2003 logon stuff - ie - you can allow 3
unsucessful logins, then have a lockout period of 30 minutes or whatever
(you specify both). I haven't actually verified this - it is in the docs but
it doesn't work under WinXP - after much searching I found that this feature
will only work on Win2003 server and I haven't installed the Beta on a
server yet.
<<I have port 1433 and 1434 open also going thru a Virtual IP, so far no
attacks.>>
Depending on how you are looking you may not notice them. Some drones are
just dialup - you would have a hard time seeing the once per second login
attempt on the bandwidth. Some drones are on high speed connections - will
give you a straight line on your bandwidth (30 or more connection attempts
per second). To see if anyone is trying, run the SQL Profiler and setup a
trace to record unsuccessful logins. They won't show up in your normal
events log. If 1433 is open to the Internet you can almost bet someone is
trying to get in during some parts of the day. Not sure why you would want
udp 1434 open - make them work a little harder <g>.
Russ Stevens|||Unfortunately it isn't a bug (where bug = coding error) in SQL Server 2000.
It isn't even a design flaw in the classic sense. It is a missing feature
set dating back to the original Sybase decisions made 20 years ago.
Microsoft's fix was to add integrated (aka Windows) security and push people
not to use the legacy SQL Server security stuff at all. That fixes the
problem. But despite Microsoft's desire to do away with the legacy security
stuff it is still heavily used. Partially for bad reasons (like, it just
being easier to embed a password in the application) and partially for good
reasons (like, we have to access it from a Unix system). So for SQL Server
2005 they are finally acknowleding that and re-working the Sybase-derived
stuff to use the full set of Windows password protections. But I doubt it
is something of a scope that it could be easily (mostly meaning safely and
reliably) backported into a SQL Server 2000 service pack. Not impossible of
course, but just well beyond the scope of a service pack.
Personally, I would NOT put a SQL Server 2000 directly on the Internet.
There are reasons beyond the password security issues that make me queasy
(not that I know of any specific vulnerability). The better way to enable
your users to access SQL Server remotely is to have them VPN in. That is
yet another reason Microsoft wasn't incented to enhance the legacy password
stuff earlier.
At a minimum you should use a non-standard port for your SQL Server if it is
going to be on the net. That should minimize the attacks (since I imagine
most of them are built on the premise that SQL Server uses 1433).
Hal Berenson, President
PredictableIT
Phone: 805-212-1025 ext 101
hberenson@.predictableit.com
Helpdesk: 805-212-1024 ext 1
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:um$43caqFHA.3524@.tk2msftngp13.phx.gbl...
> Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
> port monitor to get the IP numbers then block them with a firewall or use
> IPsec to block the IP numbers. It is a never ending job as new drones will
> be attacking every day.
> Microsoft's reply is that you shouldn't be doing this. Of course, they
> will be glad to sell you a copy of SQL Server 2005 that does fix this
> (non) problem.
> With a strong password, the attackers will never be successful, but they
> can eat up a lot of bandwidth trying.
> Russ Stevens
>|||Hal,
<<It is a missing feature
set dating back to the original Sybase decisions made 20 years ago.
Microsoft's fix was to add integrated (aka Windows) security and push people
not to use the legacy SQL Server security stuff at all>>
Its refreshing to hear someone NOT say "SQL server was not designed to allow
open Internet access". As you mention, it was designed exactly for that
originally. Of course, this is further compounded by the fact that you can't
change the sa account. Microsoft recommends you rename the Administrator
account on its servers so that a hacker needs to guess both the user name
and a password. Given that the sa account is fixed, the hacker only needs to
guess a password. Then, on top of that, for years, the default password for
the sa account was an empty string. So hackers knew the login name and knew
the password for lots of SQL servers without having to do anything. It is
now a little harder as they try to crack the password using a dictionary
attack. Put a new SQL server online, and the hacks will start within an
hour.
I think Microsoft could easily fix this in a service pack if they wanted to.
They already have the necessary code for tracking unsuccessful logins (in
Profiler). They don't need to tie it in to group policy, etc. to fix this in
SQL 2000 - after x unsuccessful tries, block out y for z time and allow the
sa account to be renamed. Using another port doesn't help much - the hackers
can easily determine the SQL port.
Sure, the SQL 2005 way is the best way to do it (tied in to the OS), but
anyway you do it is better than the SQL 2000 way. Just imagine the amount of
Internet bandwidth that would then become available for something useful
<g>.
Russ Stevens|||Allow the SA account to be renamed in a service pack? You are mad. That
would break the entire product and require many thousands of lines of code
to be changed (not to mention all the customer apps that would be broken).
Put in a hard coded delay (z) after x failed login attempts for a particular
account (y), with no user interface for controlling x or z? That might be
reasonable. An even easier change would be to just insert a timeout-1
second delay before responding to a TDS Login packet that contained an
invalid password. That would effectively kill the automated attacks without
breaking anything (important). Unfortunately, it is likely to be a long
time until the next SQL Server 2000 Service Pack and that will (I'm
guessing) be little more than a hotfix rollup. So we've probably missed the
boat on doing anything for SQL Server 2000.
Hal Berenson, President
PredictableIT
Phone: 805-212-1025 ext 101
hberenson@.predictableit.com
Helpdesk: 805-212-1024 ext 1
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:u7sJiP%23qFHA.3600@.TK2MSFTNGP10.phx.gbl...
> Hal,
> <<It is a missing feature
> set dating back to the original Sybase decisions made 20 years ago.
> Microsoft's fix was to add integrated (aka Windows) security and push
> people
> not to use the legacy SQL Server security stuff at all>>
> Its refreshing to hear someone NOT say "SQL server was not designed to
> allow open Internet access". As you mention, it was designed exactly for
> that originally. Of course, this is further compounded by the fact that
> you can't change the sa account. Microsoft recommends you rename the
> Administrator account on its servers so that a hacker needs to guess both
> the user name and a password. Given that the sa account is fixed, the
> hacker only needs to guess a password. Then, on top of that, for years,
> the default password for the sa account was an empty string. So hackers
> knew the login name and knew the password for lots of SQL servers without
> having to do anything. It is now a little harder as they try to crack the
> password using a dictionary attack. Put a new SQL server online, and the
> hacks will start within an hour.
> I think Microsoft could easily fix this in a service pack if they wanted
> to. They already have the necessary code for tracking unsuccessful logins
> (in Profiler). They don't need to tie it in to group policy, etc. to fix
> this in SQL 2000 - after x unsuccessful tries, block out y for z time and
> allow the sa account to be renamed. Using another port doesn't help much -
> the hackers can easily determine the SQL port.
> Sure, the SQL 2005 way is the best way to do it (tied in to the OS), but
> anyway you do it is better than the SQL 2000 way. Just imagine the amount
> of Internet bandwidth that would then become available for something
> useful <g>.
> Russ Stevens
>|||Hal,
<<Allow the SA account to be renamed in a service pack? You are mad>>
No - the SP doesn't rename it, it gives the SQL admin the ability to change
it. If he has apps that use it, then he can fix them first or leave as is.
<<Unfortunately, it is likely to be a long
time until the next SQL Server 2000 Service Pack and that will (I'm
guessing) be little more than a hotfix rollup. So we've probably missed the
boat on doing anything for SQL Server 2000.>>
We have been missing the boat for many years - Microsoft just refuses to fix
it (this is not a new issue <g> ).
Thanks
Russ Stevens|||On Mon, 29 Aug 2005 08:22:51 -0400, Russell Stevens wrote:
> <<Allow the SA account to be renamed in a service pack? You are mad>>
> No - the SP doesn't rename it, it gives the SQL admin the ability to chang
e
> it. If he has apps that use it, then he can fix them first or leave as is.
There are many many parts *internal* to SQL server that depend on the sa
account being named sa. A service pack that changes them all to tolerate a
renamed sa account is a dangerous thing to do.|||I've been programming for 20+ years and to me there are a number of
inexpensive solutions to this problem that Microsoft could deploy, but they
have delibertly choosen not to for whatever motive. The fact that no
Micrsoft MVP has responded to this post as I have seen in most other posts,
further backs this opinion.
Is there a Microsft MVP out there willing to touch this issue?
"Ross Presser" wrote:
> On Mon, 29 Aug 2005 08:22:51 -0400, Russell Stevens wrote:
>
> There are many many parts *internal* to SQL server that depend on the sa
> account being named sa. A service pack that changes them all to tolerate
a
> renamed sa account is a dangerous thing to do.
>
server database and immediately we have received aggressive password attacks
,
mostly against the 'sa' user id. The 'sa' passoword is strong, but I'm
annoyed with the attacks that make my log files huge and cause unncessary
hits to the server.
Is there a way to configure SQL Server to force a delay between login
attempts or to temporarily lockout a user out as can be done with Windows
Server?
Many Thanks!Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
port monitor to get the IP numbers then block them with a firewall or use
IPsec to block the IP numbers. It is a never ending job as new drones will
be attacking every day.
Microsoft's reply is that you shouldn't be doing this. Of course, they will
be glad to sell you a copy of SQL Server 2005 that does fix this (non)
problem.
With a strong password, the attackers will never be successful, but they can
eat up a lot of bandwidth trying.
Russ Stevens|||So you can confirm SQL 2005 does address this issue? Do you have details on
how?
I have port 1433 and 1434 open also going thru a Virtual IP, so far no
attacks.
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:um$43caqFHA.3524@.tk2msftngp13.phx.gbl...
> Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
> port monitor to get the IP numbers then block them with a firewall or use
> IPsec to block the IP numbers. It is a never ending job as new drones will
> be attacking every day.
> Microsoft's reply is that you shouldn't be doing this. Of course, they
> will be glad to sell you a copy of SQL Server 2005 that does fix this
> (non) problem.
> With a strong password, the attackers will never be successful, but they
> can eat up a lot of bandwidth trying.
> Russ Stevens
>|||Rob,
<<So you can confirm SQL 2005 does address this issue? Do you have details
on
how?>>
SQL 2005 uses the normal Windows 2003 logon stuff - ie - you can allow 3
unsucessful logins, then have a lockout period of 30 minutes or whatever
(you specify both). I haven't actually verified this - it is in the docs but
it doesn't work under WinXP - after much searching I found that this feature
will only work on Win2003 server and I haven't installed the Beta on a
server yet.
<<I have port 1433 and 1434 open also going thru a Virtual IP, so far no
attacks.>>
Depending on how you are looking you may not notice them. Some drones are
just dialup - you would have a hard time seeing the once per second login
attempt on the bandwidth. Some drones are on high speed connections - will
give you a straight line on your bandwidth (30 or more connection attempts
per second). To see if anyone is trying, run the SQL Profiler and setup a
trace to record unsuccessful logins. They won't show up in your normal
events log. If 1433 is open to the Internet you can almost bet someone is
trying to get in during some parts of the day. Not sure why you would want
udp 1434 open - make them work a little harder <g>.
Russ Stevens|||Unfortunately it isn't a bug (where bug = coding error) in SQL Server 2000.
It isn't even a design flaw in the classic sense. It is a missing feature
set dating back to the original Sybase decisions made 20 years ago.
Microsoft's fix was to add integrated (aka Windows) security and push people
not to use the legacy SQL Server security stuff at all. That fixes the
problem. But despite Microsoft's desire to do away with the legacy security
stuff it is still heavily used. Partially for bad reasons (like, it just
being easier to embed a password in the application) and partially for good
reasons (like, we have to access it from a Unix system). So for SQL Server
2005 they are finally acknowleding that and re-working the Sybase-derived
stuff to use the full set of Windows password protections. But I doubt it
is something of a scope that it could be easily (mostly meaning safely and
reliably) backported into a SQL Server 2000 service pack. Not impossible of
course, but just well beyond the scope of a service pack.
Personally, I would NOT put a SQL Server 2000 directly on the Internet.
There are reasons beyond the password security issues that make me queasy
(not that I know of any specific vulnerability). The better way to enable
your users to access SQL Server remotely is to have them VPN in. That is
yet another reason Microsoft wasn't incented to enhance the legacy password
stuff earlier.
At a minimum you should use a non-standard port for your SQL Server if it is
going to be on the net. That should minimize the attacks (since I imagine
most of them are built on the premise that SQL Server uses 1433).
Hal Berenson, President
PredictableIT
Phone: 805-212-1025 ext 101
hberenson@.predictableit.com
Helpdesk: 805-212-1024 ext 1
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:um$43caqFHA.3524@.tk2msftngp13.phx.gbl...
> Microsoft refuses to fix this glaring problem in SQL 2000. You can use a
> port monitor to get the IP numbers then block them with a firewall or use
> IPsec to block the IP numbers. It is a never ending job as new drones will
> be attacking every day.
> Microsoft's reply is that you shouldn't be doing this. Of course, they
> will be glad to sell you a copy of SQL Server 2005 that does fix this
> (non) problem.
> With a strong password, the attackers will never be successful, but they
> can eat up a lot of bandwidth trying.
> Russ Stevens
>|||Hal,
<<It is a missing feature
set dating back to the original Sybase decisions made 20 years ago.
Microsoft's fix was to add integrated (aka Windows) security and push people
not to use the legacy SQL Server security stuff at all>>
Its refreshing to hear someone NOT say "SQL server was not designed to allow
open Internet access". As you mention, it was designed exactly for that
originally. Of course, this is further compounded by the fact that you can't
change the sa account. Microsoft recommends you rename the Administrator
account on its servers so that a hacker needs to guess both the user name
and a password. Given that the sa account is fixed, the hacker only needs to
guess a password. Then, on top of that, for years, the default password for
the sa account was an empty string. So hackers knew the login name and knew
the password for lots of SQL servers without having to do anything. It is
now a little harder as they try to crack the password using a dictionary
attack. Put a new SQL server online, and the hacks will start within an
hour.
I think Microsoft could easily fix this in a service pack if they wanted to.
They already have the necessary code for tracking unsuccessful logins (in
Profiler). They don't need to tie it in to group policy, etc. to fix this in
SQL 2000 - after x unsuccessful tries, block out y for z time and allow the
sa account to be renamed. Using another port doesn't help much - the hackers
can easily determine the SQL port.
Sure, the SQL 2005 way is the best way to do it (tied in to the OS), but
anyway you do it is better than the SQL 2000 way. Just imagine the amount of
Internet bandwidth that would then become available for something useful
<g>.
Russ Stevens|||Allow the SA account to be renamed in a service pack? You are mad. That
would break the entire product and require many thousands of lines of code
to be changed (not to mention all the customer apps that would be broken).
Put in a hard coded delay (z) after x failed login attempts for a particular
account (y), with no user interface for controlling x or z? That might be
reasonable. An even easier change would be to just insert a timeout-1
second delay before responding to a TDS Login packet that contained an
invalid password. That would effectively kill the automated attacks without
breaking anything (important). Unfortunately, it is likely to be a long
time until the next SQL Server 2000 Service Pack and that will (I'm
guessing) be little more than a hotfix rollup. So we've probably missed the
boat on doing anything for SQL Server 2000.
Hal Berenson, President
PredictableIT
Phone: 805-212-1025 ext 101
hberenson@.predictableit.com
Helpdesk: 805-212-1024 ext 1
"Russell Stevens" <rustyprogrammer@.online.nospam> wrote in message
news:u7sJiP%23qFHA.3600@.TK2MSFTNGP10.phx.gbl...
> Hal,
> <<It is a missing feature
> set dating back to the original Sybase decisions made 20 years ago.
> Microsoft's fix was to add integrated (aka Windows) security and push
> people
> not to use the legacy SQL Server security stuff at all>>
> Its refreshing to hear someone NOT say "SQL server was not designed to
> allow open Internet access". As you mention, it was designed exactly for
> that originally. Of course, this is further compounded by the fact that
> you can't change the sa account. Microsoft recommends you rename the
> Administrator account on its servers so that a hacker needs to guess both
> the user name and a password. Given that the sa account is fixed, the
> hacker only needs to guess a password. Then, on top of that, for years,
> the default password for the sa account was an empty string. So hackers
> knew the login name and knew the password for lots of SQL servers without
> having to do anything. It is now a little harder as they try to crack the
> password using a dictionary attack. Put a new SQL server online, and the
> hacks will start within an hour.
> I think Microsoft could easily fix this in a service pack if they wanted
> to. They already have the necessary code for tracking unsuccessful logins
> (in Profiler). They don't need to tie it in to group policy, etc. to fix
> this in SQL 2000 - after x unsuccessful tries, block out y for z time and
> allow the sa account to be renamed. Using another port doesn't help much -
> the hackers can easily determine the SQL port.
> Sure, the SQL 2005 way is the best way to do it (tied in to the OS), but
> anyway you do it is better than the SQL 2000 way. Just imagine the amount
> of Internet bandwidth that would then become available for something
> useful <g>.
> Russ Stevens
>|||Hal,
<<Allow the SA account to be renamed in a service pack? You are mad>>
No - the SP doesn't rename it, it gives the SQL admin the ability to change
it. If he has apps that use it, then he can fix them first or leave as is.
<<Unfortunately, it is likely to be a long
time until the next SQL Server 2000 Service Pack and that will (I'm
guessing) be little more than a hotfix rollup. So we've probably missed the
boat on doing anything for SQL Server 2000.>>
We have been missing the boat for many years - Microsoft just refuses to fix
it (this is not a new issue <g> ).
Thanks
Russ Stevens|||On Mon, 29 Aug 2005 08:22:51 -0400, Russell Stevens wrote:
> <<Allow the SA account to be renamed in a service pack? You are mad>>
> No - the SP doesn't rename it, it gives the SQL admin the ability to chang
e
> it. If he has apps that use it, then he can fix them first or leave as is.
There are many many parts *internal* to SQL server that depend on the sa
account being named sa. A service pack that changes them all to tolerate a
renamed sa account is a dangerous thing to do.|||I've been programming for 20+ years and to me there are a number of
inexpensive solutions to this problem that Microsoft could deploy, but they
have delibertly choosen not to for whatever motive. The fact that no
Micrsoft MVP has responded to this post as I have seen in most other posts,
further backs this opinion.
Is there a Microsft MVP out there willing to touch this issue?
"Ross Presser" wrote:
> On Mon, 29 Aug 2005 08:22:51 -0400, Russell Stevens wrote:
>
> There are many many parts *internal* to SQL server that depend on the sa
> account being named sa. A service pack that changes them all to tolerate
a
> renamed sa account is a dangerous thing to do.
>
Internet Merge Replication IIS
Maybe I am missing something here, but it seems like the point of doing Merge Replication via IIS is so that you do not have to expose your DB server directly to the internet (i.e. all your clients), rather you expose a webserver to the internet and the webserver handles the replication keeping your DB server closed to direct internet access and thus keeping it more secure.
However, to set up Internet Merge Replication using IIS a client has to have direct internet access to the DB server as a stored procedure needs to be run on the publisher.
So Internet Merge Replciation using IIS makes it so your DB does not have to be directly exposed to the internet except your db needs to be exposed directly to the internet so every client can execute a stored procedure against it. How does this make sense? Yeah, I can write a webservice or something that gets the SP from the client and executes it against my db server but why should I have to? Why isn't the dll that the "Configure Web Synchronization" wizard puts into place capable of doing this?
Using web sync not only "hide" your sql server from the client, but also extends the merge replication to devices as well as PCs in anywhere that has the internet access. the later is actually the main reason to have this new sync type.
Sure, one can write their own web services to do the sync ( in fact, I believe there are some companies doing that already ), but this will not fully utilize the merge replication's functionalities to the web client subscriptions as it was to the fully connected subscriptions.
hence, the "Configure web synchronization" wizard means to provide some walk throguh steps to help users to set up the IIS server for replication and not to intend to setup the webservices.
thanks
Yunwen
|||Thank you for your reply, but your reply...parts don't make sense and other parts don't answer what I asked.
>> but also extends the merge replication to devices as well as PCs in anywhere that has the internet access. the later is actually the main reason to have this new sync type.
That is NOT the "main reason" of doing web sync via IIS. Since for a client to do merge synching offsite, they have to have internet access to the sql server location, synching could be accomplished quite nicely without IIS by merely poking the appropriate holes in your firewall to allow the needed direct sql connections to be made. Thus IIS is not what facilitates merge synching over the internet. It still seems to me that the ONLY point of doing merge replication via IIS is to hide your SQL server from direct internet access.
>>Sure, one can write their own web services to do the sync
I never said this. What I said was that to set up Merge replication a client needed direct access to a sql server because a SP (Stored Procedure) has to be run against the Publisher that registeres the subscriber with the publisher. If you are using IIS to accomplish your merge replication, then you do not have your sql server directly exposed to the internet which makes it rather hard for your subscriber to connect directly to the publisher to execute a SP. What I said was that I could write a Webservice that could facilitate the subscriber sending the SP to the publisher but that I shouldn't have to as the replisapi.dll should be doing that. I said nothing about writing a webservice to do the sync, just that as things stand now I would have to write a webservice to facilitate setting up the sync.
So again, it seems like the point of using IIS to do merge replication is to hide your SQL Server publisher from the internet. However, part of setting up a subscriber involves running a SP (Stored Procedure) against the SQL Server Publisher. If your SQL Server publisher is hidden from the internet, it makes it rather impossible for your subscriber to connect to it to run a SP against it. It seems that currently the only work around is to make your own webservice that can access the SP arguments from the subscriber and run the proper SP with the proper arguments against your publisher for you. It seems sort of silly that you would have to set that up yourself, that MS hasn't built that in to something that already exists.
The situation is analguous to the Exchange RPC over HTTPS problem that occured when Office 2003 first came out. RPC over HTTPS allows Outlook to run against an Exchange server without having to have direct port 135-139 access. However in order to set up RPC over HTTPS your computer FIRST had to be able to connect directly to Exchange on ports 135-139 (which was a problem for me since I use Comcast and Comcast blocks these ports). The only work around was to lug my computer into the office, put it on a lan with the exchange server, setup RPC over HTTPS, then take it back home.) MS has since fixed this problem. However, this seems like the exact same problem. Doing merge replication via IIS makes it so that clients do not have to connect directly to the SQL Server, however to initially set up each client, that client has to connect directly to the SQL Server. Is there a way around this?
Thank you
|||Many people may not have ability to connect to publisher directly through port 1433. That is one of the main motivation to support https (port 443) replication. IIS server is needed to understand the https protocol.
|||Yes, that is right along the lines of what I have been saying.
Why is this so hard to understand? I will try to make it simple.
I have a sql server that is acting as a publisher. This publisher is not directly accessable via the internet. I have set up Merge replication using IIS and https on a server running IIS. The IIS server is accessable to the internet on ports 80 and 443. Ok? Simple enough.
I want to connect a subscriber to this publisher. The subscriber is somewhere on the internet. In order for the subscriber to successfully set up its subscription, it needs to execute the Stored Procedure named "sp_addmergesubscription" ON THE PUBLISHER!
As you so aptly pointed out "Many people may not have ability to connect to publisher directly through port 1433" that being the case, how then is a subscriber supposed to run the stored procedure "sp_addmergesubscription" on the publisher?
|||You have two choices:
1. Add the subscription at the publisher before subscriber connects. Meaning an administrator at the publisher will need to add this information, not the subscriber since the subscriber does not have access.
2. Connect as an anonymous subscriber. Meaning if subscriber cannot have their subscription added to the publication, then connect as an anonymous subscriber, which will add the info for you on your first connect.
Internet merge pull subscription server name problems
I recently did a test-run of continuous merge pull replication on my
intranet and it worked wonderfully. Now I am trying to make it work
over the net, and I just can't get server names to ever work
correctly! The server is listening on a non-standard port and this is
open from the firewall.. a test connection and telnet connect just
fine through the firewall.
If someone could please give me a list of everything that must be in
place for the remote server to be able to reference the
publisher/distributor by host NAME not IP, I would greatly appreciate
it.
I assume I need a server alias on the subscriber? Does the servername
here include the instance name? How do i reference this alias in my
sp_addmergepullsubscription and sp_addmergepullsubscription_agent
calls? What about the non-standard port?
The publisher/distributor has a localname, say SERVER, so in EM it
shows up as "SERVER\INSTANCENAME"... shouldn't it show up as
"SERVER.DOMAIN.COM\INSTANCENAME" ? Do I need another alias on the
server?
The setup is: SQL Server 2000 publisher/distributor at a fixed domain,
we can't be sure of the IP, but we know it's always at
server.domain.com
MSDE is semi-disconnected, so this will be a PULL anonymous
subscription. I will be creating it through the above referenced
stored procedures.
Thanks in advance!
you must use SQL client network utilty to talk to the instance. Open up Client Network Utility, add a name for the alias. Then for servername add the name of the server and its instance, ie ServerName\InstanceName.
Then edit your hosts file for the ip address of the server, ie
ServerName xxx.xxx.xxx.xxx
The server name does not have to be a FQDN, ie SERVER.DOMAIN.COM\INSTANCENAME, just a name that has an ip address. For logistical purposes you should call it after your Publisher or Subscriber name, but you don't have to.
Ping this server from your publisher/subscriber to make sure it can resolve correctly and you have connectivity. you may need to use tracert to find out where your connectivity breaks.
Then its a matter of enabling your subscriber. register this server in Enterprise Manager, and then go to tools, replication, configure distributor, publishers, and subscribers, locate your subscriber, click on the check box to the left of the servername,
click on the browse button and enter the sa account (or an account in the sysadmin role), and its password. To replicate over the internet you must use sql authentication. Your publication should be set up for anonymous pull using FTP.
In your procs sp_addmergepullsubscription and sp_addmergepullsubscription_agent you will be referencing the publisher by whatever name you have assigned to this subscriber as its alias in Client Network Utiltiy.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
"Josh" wrote:
> I recently did a test-run of continuous merge pull replication on my
> intranet and it worked wonderfully. Now I am trying to make it work
> over the net, and I just can't get server names to ever work
> correctly! The server is listening on a non-standard port and this is
> open from the firewall.. a test connection and telnet connect just
> fine through the firewall.
> If someone could please give me a list of everything that must be in
> place for the remote server to be able to reference the
> publisher/distributor by host NAME not IP, I would greatly appreciate
> it.
> I assume I need a server alias on the subscriber? Does the servername
> here include the instance name? How do i reference this alias in my
> sp_addmergepullsubscription and sp_addmergepullsubscription_agent
> calls? What about the non-standard port?
> The publisher/distributor has a localname, say SERVER, so in EM it
> shows up as "SERVER\INSTANCENAME"... shouldn't it show up as
> "SERVER.DOMAIN.COM\INSTANCENAME" ? Do I need another alias on the
> server?
> The setup is: SQL Server 2000 publisher/distributor at a fixed domain,
> we can't be sure of the IP, but we know it's always at
> server.domain.com
> MSDE is semi-disconnected, so this will be a PULL anonymous
> subscription. I will be creating it through the above referenced
> stored procedures.
> Thanks in advance!
>
intranet and it worked wonderfully. Now I am trying to make it work
over the net, and I just can't get server names to ever work
correctly! The server is listening on a non-standard port and this is
open from the firewall.. a test connection and telnet connect just
fine through the firewall.
If someone could please give me a list of everything that must be in
place for the remote server to be able to reference the
publisher/distributor by host NAME not IP, I would greatly appreciate
it.
I assume I need a server alias on the subscriber? Does the servername
here include the instance name? How do i reference this alias in my
sp_addmergepullsubscription and sp_addmergepullsubscription_agent
calls? What about the non-standard port?
The publisher/distributor has a localname, say SERVER, so in EM it
shows up as "SERVER\INSTANCENAME"... shouldn't it show up as
"SERVER.DOMAIN.COM\INSTANCENAME" ? Do I need another alias on the
server?
The setup is: SQL Server 2000 publisher/distributor at a fixed domain,
we can't be sure of the IP, but we know it's always at
server.domain.com
MSDE is semi-disconnected, so this will be a PULL anonymous
subscription. I will be creating it through the above referenced
stored procedures.
Thanks in advance!
you must use SQL client network utilty to talk to the instance. Open up Client Network Utility, add a name for the alias. Then for servername add the name of the server and its instance, ie ServerName\InstanceName.
Then edit your hosts file for the ip address of the server, ie
ServerName xxx.xxx.xxx.xxx
The server name does not have to be a FQDN, ie SERVER.DOMAIN.COM\INSTANCENAME, just a name that has an ip address. For logistical purposes you should call it after your Publisher or Subscriber name, but you don't have to.
Ping this server from your publisher/subscriber to make sure it can resolve correctly and you have connectivity. you may need to use tracert to find out where your connectivity breaks.
Then its a matter of enabling your subscriber. register this server in Enterprise Manager, and then go to tools, replication, configure distributor, publishers, and subscribers, locate your subscriber, click on the check box to the left of the servername,
click on the browse button and enter the sa account (or an account in the sysadmin role), and its password. To replicate over the internet you must use sql authentication. Your publication should be set up for anonymous pull using FTP.
In your procs sp_addmergepullsubscription and sp_addmergepullsubscription_agent you will be referencing the publisher by whatever name you have assigned to this subscriber as its alias in Client Network Utiltiy.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
"Josh" wrote:
> I recently did a test-run of continuous merge pull replication on my
> intranet and it worked wonderfully. Now I am trying to make it work
> over the net, and I just can't get server names to ever work
> correctly! The server is listening on a non-standard port and this is
> open from the firewall.. a test connection and telnet connect just
> fine through the firewall.
> If someone could please give me a list of everything that must be in
> place for the remote server to be able to reference the
> publisher/distributor by host NAME not IP, I would greatly appreciate
> it.
> I assume I need a server alias on the subscriber? Does the servername
> here include the instance name? How do i reference this alias in my
> sp_addmergepullsubscription and sp_addmergepullsubscription_agent
> calls? What about the non-standard port?
> The publisher/distributor has a localname, say SERVER, so in EM it
> shows up as "SERVER\INSTANCENAME"... shouldn't it show up as
> "SERVER.DOMAIN.COM\INSTANCENAME" ? Do I need another alias on the
> server?
> The setup is: SQL Server 2000 publisher/distributor at a fixed domain,
> we can't be sure of the IP, but we know it's always at
> server.domain.com
> MSDE is semi-disconnected, so this will be a PULL anonymous
> subscription. I will be creating it through the above referenced
> stored procedures.
> Thanks in advance!
>
Internet integration
Is there a way to embed reports in an INTERNET app (ASP.NET) using the following requirements:
- Get reports from Report Server (with toolbar and parameters)
- Security authentication/authorisation comes from ASP.NET web app (single sign-on, not Windows authentication, but custom)
In brief, I just want to host reports in an ASP.NET app, as they appear in the html viewer, but embedded in the app, on the Internet. URL access is perfect, but we require a single sign on with CUSTOM security.
Problem : how to integrate the security context of the web app and the rs, rendering reports WITHIN the web app.
Problems I am experiencing:
- Using an IFRAME to render the reports requires that the browser has direct access to the report server. We don't want this unless we can authenticate/authorise the user once only, through our custom security interface.
- Using the asp.net web app to call the API Render method will not render binary content such as images, unless we use the mhtml rendering format. How do we get the asp.net app to call the api and return an html page with all the correct links to images stored on the server?
Ideas:
Should we develop a custom Security extension?
Any help would be greatly appreciated.
Have you looked at the report execution web service? It seems to fit all of your requirements:
http://msdn2.microsoft.com/en-us/library/ms155071.aspx
|||Our client has identical requirements - in short, is it possible to fulfill these requirements with RS2000? RS2005 is not an option.
The only compromise appears to be using web-services rendering, but this loses all interactivity functionality such as paging, drill through, document map and collapsible regions - you would also lose the ActiveX control unless you added script code. To me, this represented the best compromise.
Is there a way to fulfill the original requirements? The toolbar is mandatory.
|||HI,
Thanks for your response. Can I render html (not mhtml) from the web service? How does it deal with binary content such as images, which would be in a separate file in html? I presume you can render only a stream of info, not two streams?
Actually, I admit to overlooking the functionality provided by report viewer. I discovered yesterday that it operates in two "modes" : Remote or local. Remote uses reports straight off the server (.rdl) and shows them beautifully, just as they are rendered in html by report manager (including toolbar and params). Local, however, uses a differnent mode of operation - the reports are rendered from rdlc files within your application without the parameters. You can pass parameters programmatically to local reports, but that's a lot of programming (duplication of effort - hence, my problem).
Incidentally, we solved the security problem by using remote mode with report viewer. The web.config has <identity impersonate="true">. We also set the username and password attributes of the identity tag, and set up a user account on the box, corresponding to the user identified in <identity>. The user account was configured to be allowed to access the report on the report server (report manager security setup) So the ASP.NET web app impersonates for our web clients and retrieves the relevant report, based upon our web app's security system. Our web app could use the SOAP API to iterate all reports from ReportServer and manage the reports through it's custom security interface.
In sum : USE THE REPORT VIEWER IN REMOTE MODE !
I hope this helps other confused souls out there.
Internet Information Services (IIS) 5.0 Manager
I need to get hold of a website to download Internet
Information Services (IIS) 5.0 Manager. Can anyone help?
v6 cannot do what I need it for.Is this what you need?
308169 HOW TO: Remotely Administer Internet Information Services 5.0 in
Windows
http://support.microsoft.com/?id=308169
If that's not the information you were asking for, try posting on an IIS
newsgroup.
Cindy Gross, MCDBA, MCSE
http://cindygross.tripod.com
This posting is provided "AS IS" with no warranties, and confers no rights.
Information Services (IIS) 5.0 Manager. Can anyone help?
v6 cannot do what I need it for.Is this what you need?
308169 HOW TO: Remotely Administer Internet Information Services 5.0 in
Windows
http://support.microsoft.com/?id=308169
If that's not the information you were asking for, try posting on an IIS
newsgroup.
Cindy Gross, MCDBA, MCSE
http://cindygross.tripod.com
This posting is provided "AS IS" with no warranties, and confers no rights.
Internet Help Sites
Besides this forum what other help sites do people go to for help?1st is MSSQL Books online.
2nd is Google.
2nd is Google.
Internet Explorer Version 7.0 Beta 3 can not load Reporting Services
Hi, all!
Internet Explorer Version 7.0 Beta 3 can not load Reporting Services, please check this error. Because my company always using Reporting Services.
I open report OK but when choose and click View Report. Nothing load and IE 7 using a lots resource RAM. And I check many computer set up IE 7. they still error.
Please help me.
Thanks.
There have been some issues around that in the beta phase, but as the RC1 is on the road you should upgrade to this one.
HTH, Jens K. Suessmeyer.
http://www.sqlserver2005.de
Just in addition: https://connect.microsoft.com/SQLServer/feedback/ViewFeedback.aspx?FeedbackID=157905
HTH, Jens K. Suessmeyer.
http://www.sqlserver2005.de|||
Dude, it's a MS beta.....
Software is like a new car, never buy one the first year it is introduced.
|||http://blogs.msdn.com/bwelcker/archive/2006/08/28/728739.aspxInternet explorer script error
When trying to configure task scheduler on my mcafee virus scan i get the error notice: keyset does not exist The specific error is 0x80090016 It also says General page initialisation failed. An error has occurred attempting to retrieve task account onfo. You may continue editing task object but will be unable to change task account info. Does anyone have a solution so I can schedule automatic updates for my virus scanner?What's this got to do with Internet Explorer scripting?|||Sorry the original error was: Internet explorer script error. An error has occurred on the csript on this page. Error is: Keyset does not exist Line 719 Char7 after further attempts to schedule antivirus scans on mcafee I got the error notice I first listed in this forum|||
This is a forum for SQL Server Reporting Services, not virus scanners. I think you'll have more luck trying to post your problem at http://forums.mcafeehelp.com/.
|||I have also begun getting this error message and I do not use McAfee, I use Norton 2006. Since I installed it I get this error ?
|||Mcafee not able to sort this problem they suggested this forum but thankyou for your suggestion|||Try posting your issue to the ASP "Client Side Web Development" forum, which deals with "Client-side programming discussions, including CSS, DHTML, JScript/Javascript, etc".
http://forums.asp.net/130/ShowForum.aspx
They may be able to help you out. I'd try including alot more information, though:
what's the error number?|||I have the same problem with Norton and other items in task scheduler. Symantic responds that it is a Windows problem in Task Scheduler. Windows Article ID 246183 responds to this problem, but only applies to Windows 2000. It requires a change in the registry. Look at it and see if it helps.Internet explorer lost from server
Gurus--
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible?
*** Sent via Developersdex http://www.codecomments.com ***
I think this should be posted in one of the windowsXP newsgroups.
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible?
> *** Sent via Developersdex http://www.codecomments.com ***
|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible?
> *** Sent via Developersdex http://www.codecomments.com ***
>
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible?
*** Sent via Developersdex http://www.codecomments.com ***
I think this should be posted in one of the windowsXP newsgroups.
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible?
> *** Sent via Developersdex http://www.codecomments.com ***
|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible?
> *** Sent via Developersdex http://www.codecomments.com ***
>
Internet explorer lost from server
Gurus--
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible'
*** Sent via Developersdex http://www.developersdex.com ***I think this should be posted in one of the windowsXP newsgroups.
--
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.developersdex.com ***|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.developersdex.com ***
>
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible'
*** Sent via Developersdex http://www.developersdex.com ***I think this should be posted in one of the windowsXP newsgroups.
--
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.developersdex.com ***|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.developersdex.com ***
>
Internet explorer lost from server
Gurus--
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible'
*** Sent via Developersdex http://www.codecomments.com ***I think this should be posted in one of the windowsXP newsgroups.
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.codecomments.com ***|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.codecomments.com ***
>
I am not really sure how it happened but on a small local server that I
admin seems to have lost IE, "The E" is missing, I am running xp pro I
have a connection to msn dsl on this server and had to reload all os and
server due to spyware attack. Since then the "E" is gone I need to have
in order to set up wireless network. How do you reload ie without
running the whole setup again ? Is this possible'
*** Sent via Developersdex http://www.codecomments.com ***I think this should be posted in one of the windowsXP newsgroups.
Hilary Cotter
Director of Text Mining and Database Strategy
RelevantNOISE.Com - Dedicated to mining blogs for business intelligence.
This posting is my own and doesn't necessarily represent RelevantNoise's
positions, strategies or opinions.
Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html
Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com
"Bill" <nospam@.devdex.com> wrote in message
news:OutdtFu8GHA.4476@.TK2MSFTNGP04.phx.gbl...
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.codecomments.com ***|||Hi
This does not seem to have anything to do with SQL server so I don't know
why you have posted it to this group. It sounds like your network settings
are incorrect, therefore you need to check them against what they should be.
John
"Bill" wrote:
> Gurus--
> I am not really sure how it happened but on a small local server that I
> admin seems to have lost IE, "The E" is missing, I am running xp pro I
> have a connection to msn dsl on this server and had to reload all os and
> server due to spyware attack. Since then the "E" is gone I need to have
> in order to set up wireless network. How do you reload ie without
> running the whole setup again ? Is this possible'
> *** Sent via Developersdex http://www.codecomments.com ***
>
Internet Explorer 7 Release Candidate 1
After downloading and installing this update I find that java script doesn't work (e.g. I cannot now access news videos). I have checked in Tools and find that Scripting is enabled.
Can anyone assist me please as I rely on the Internet for news, not having a TV?
This forum is for SQL Server Reporting Services, and in general the MSDN forums target developer related questions, but you could try the Internet Explorer forum:
http://forums.microsoft.com/MSDN/ShowForum.aspx?ForumID=923&SiteID=1
You may also want to enable "Display a notification about every script error" on the Advanced tab of Tools->Options and provide the exact script error in your post.
Subscribe to:
Posts (Atom)