Both my local (and remote) SQL SERVER 2005 administrators claim that "allowing linked-servers is a security issue" and forbid their use here. (Huh?)
Anyway, is there a way to do something similar WITHOUT linked-servers?
SELECT *
FROM LOCAL_SERVER.MyDatabase.dbo.MyTable AS t1
INNER JOIN REMOTE_SERVER.MyDatabase.dbo.MyTable AS t2
ON t1.MyField = t2.MyField
You could use OPENROWSET, which'll require the connection info, username & password...
While I understand that the administrator believes that having an always-on connection to their data is risky, that's why you lock down the account. OPENROWSET means including the connection info in plain text.
yes you can use OPENDATASOURCE but ad-hoc queries have to be enabled
Opendatasource: Provides ad hoc connection information as part of a four-part object name without using a linked server name.
Related
I need to do the following query (for example):
SELECT c1.CustomerName FROM Customer as c1
INNER JOIN [ExternalServer].[Database].[dbo].[Customer] as c2
ON c2.RefId = c1.RefId
For some security reason my client doesn't allow me to create a linked server. The user under whom I execute this query has access to both tables. Is it possible to make it work without using linked server? Thanks.
You could use OPENROWSET, which'll require the connection info, username & password...
While I understand that the client believes that having an always-on connection to their data is risky, that's why you lock down the account. OPENROWSET means including the connection info in plain text.
'Linked Server' is a very specific thing -- basically, a permanent connection between servers. I can think of all sorts of reasons not to want that, while at the same time having no problem with folks writing queries that combine data from the two different data sources.
Anyway, depending on your requirement -- if this is just for ad hoc querying, OPENROWSET is good if inside of SQL-Server, or if you want to do this in MS Access, just link to the two tables, and your Access query won't care that one comes from one server, and one comes from another.
Alternatively, with a web or windows front-end, you could indpendently query each table into a data object, and then build a separate query on top of that.
Http Endpoints...
WebServices...
There's a million ways. I wouldn't be so quick to assume, as #Lasse suggests, that any form of 'linking' this data together would make you some kind of rougue data linker.
I'm making a call to odbc32.dll (SQLBrowseConnect) to return a list of databases on a sql server.
From running a trace I can see the query being executed is
select name from master..sysdatabases where has_dbaccess(name)=1
If the credentials I pass aren't the sa user it returns just the system databases. Is there anyway I can use SQLBrowseConnect with another user (whose default database is also not guarenteed to be the master database) to return all databases on the server?
Also I want to avoid smo objects
In our ETL tools we do use SQLBrowseConnect to get a list of available SQL servers.
We do not use it for getting list of the databases
SQLExecDirect(FHSMT,PAnsiChar ('select name from MASTER.dbo.sysdatabases order by name'), SQL_NTS)
We use different ODBC driver for different versions of SQL server.
In VS2005, I am using a DLL which accesses a SQL Server. The DLL returns a SQLException
Invalid object name 'tableXYZ'
but tableXYZ is a table in the database.
Should it be looking for dbo.tableXYZ instead? Is this a permissions issue with the login being used?
This could be an issue with the owner of the tableand permissions.
for example the table owner may be dbo so the full table name will be dbo.TableXYZ The user you connect as, could be for example SQLUser may not have access to the dbo schema. So can only access tables such as SQLuser.TableXYZ
I'd check the permissions that you use to connect to the database.
Using dbo.tableXYZ makes it clearer what you want - the tableXYZ in the default dbo schema. There could be a tableXYZ in another schema, too - then SQL Server might not know which one you want.
And it could most definitely be a permissions issue. If you connect to that database in SQL SErver Mgmt Studio as that user - can you see that tableXYZ table??
UPDATE: does the DLL require a specific connection string, that you might not have copied into your calling app's app.config file?? DLL's in .NET can't really have their own mylibrary.dll.config - it will not be read by .NET by default.
you have to use the databasename in your connection-string - otherwise it would just connect und you have to use dbo.databasename.tableXYZ.
you can find the various connection-strings here
As a starting point, you could turn on an SQL Server Profiler trace, to see how the DLL is connecting to the database. e.g. you should be able to see what credentials are being used. You could also confirm to make sure the code is connecting to the right database etc.
When running a SQL statement or a stored procedure on a database, can you connect to an external database and pull data from there?
something like:
SELECT a.UserID, b.DataIWantToGet
FROM mydb.Users as a, externaldb.Data as b
You'll need to setup a Linked Server instance. Then you can reference the external database as though it were a SQL Server database.
Yep -- there's two methods: either use the function OPENROWSET, or use linked servers. OPENROWSET is useful for ad-hoc single statements, but if you're going to be doing this regularly, read up on linked servers as they allow you to do exactly what you've specified in your SQL Statement ... e.g.,
SELECT database.owner.table for local data
SELECT server.database.owner.table for remote data
And yes, you can mix and match to do joins twixt local and remote. Note though that you'll need to be caureul if you do joins against large tables that exist on the remote server as the query could take a long time to exexute...
Yes, you can. You should take a look at linked servers for starters. You can also use OPENROWSET to hit them directly with no linked server.
Easiest way :
Click connect to server
when it asks for server name use:
192.168.X.X,1433\SQLEXPRESS insted of YOURPC\SQLEXPRESS
(The ip and opened port of target sql server)
Type correct username and password
Done!
We have a system with an Oracle backend to which we have access (though possibly not administrative access) and a front end to which we do not have the source code. The database is quite large and not easily understood - we have no documentation. I'm also not particularly knowledgable about Oracle in general.
One aspect of the front end queries the database for a particular set of data and displays it. We have a need to determine what query is being made so that we can replicate and automate it without the front end (e.g. by generating a csv file periodically).
What methods would you use to determine the SQL required to retrieve this set of data?
Currently I'm leaning towards the use of an EeePC, Wireshark and a hub (installing Wireshark on the client machines may not be possible), but I'm curious to hear any other ideas and whether anyone can think of any pitfalls with this particular approach.
Clearly there are many methods. The one that I find easiest is:
(1) Connect to the database as SYS or SYSTEM
(2) Query V$SESSION to identify the database session you are interested in.
Record the SID and SERIAL# values.
(3) Execute the following commands to activate tracing for the session:
exec sys.dbms_system.set_bool_param_in_session( *sid*, *serial#*, 'timed_statistics', true )
exec sys.dbms_system.set_int_param_in_session( *sid*, *serial#*, 'max_dump_file_size', 2000000000 )
exec sys.dbms_system.set_ev( *sid*, *serial#*, 10046, 5, '' )
(4) Perform some actions in the client app
(5) Either terminate the database session (e.g. by closing the client) or deactivate tracing ( exec sys.dbms_system.set_ev( sid, serial#, 10046, 0, '' ) )
(6) Locate the udump folder on the database server. There will be a trace file for the database session showing the statements executed and the bind values used in each execution.
This method does not require any access to the client machine, which could be a benefit. It does require access to the database server, which may be problematic if you're not the DBA and they don't let you onto the machine. Also, identifying the proper session to trace can be difficult if you have many clients or if the client application opens more than one session.
Start with querying Oracle system views like V$SQL, v$sqlarea and
v$sqltext.
Which version of Oracle? If it is 10+ and if you have administrative access (sysdba), then you can relatively easy find executed queries through Oracle enterprise manager.
For older versions, you'll need access to views that tuinstoel mentioned in his answer.
Same data you can get through TOAD for oracle which is quite capable piece of software, but expensive.
Wireshark is indeed a good idea, it has Oracle support and nicely displays the whole conversation.
A packet sniffer like Wireshark is especially interesting if you don't have admin' access to the database server but you have access to the network (for instance because there is port mirroring on the Ethernet switch).
I have used these instructions successfully several times:
http://www.orafaq.com/wiki/SQL_Trace#Tracing_a_SQL_session
"though possibly not administrative access". Someone should have administrative access, probably whoever is responsible for backups. At the very least, I expect you'd have a user with root/Administrator access to the machine on which the oracle database is running. Administrator should be able to login with a
"SQLPLUS / AS SYSDBA" syntax which will give full access (which can be quite dangerous). root could 'su' to the oracle user and do the same.
If you really can't get admin access then as an alternative to wireshark, if your front-end connects to the database through an Oracle client, look for the file sqlnet.ora. You can set trace_level_client, trace_file_client and trace_directory_client and get it to log the Oracle network traffic between the client and database server.
However it is possible that the client will call a stored procedure and retrieve the data as output parameters or a ref cursor, which means you may not see the query being executed through that mechanism. If so, you will need admin access to the db server, and trace as per Dave Costa's answer
A quick and dirty way to do this, if you can catch the SQL statement(s) in the act, is to run this in SQL*Plus:-
set verify off lines 140 head on pagesize 300
column sql_text format a65
column username format a12
column osuser format a15
break on username on sid on osuser
select S.USERNAME, s.sid, s.osuser,sql_text
from v$sqltext_with_newlines t,V$SESSION s
where t.address =s.sql_address
and t.hash_value = s.sql_hash_value
order by s.sid,t.piece
/
You need access those v$ views for this to work. Generally that means connecting as system.