I have a SQL Server database project (sqlproj file) in which I have referenced an assembly containing a user-define aggregate function per https://learn.microsoft.com/en-us/sql/relational-databases/clr-integration-database-objects-user-defined-functions/clr-user-defined-functions?view=sql-server-2017
I was unable to deploy or use my function until I did this:
EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'clr strict security', 0;
RECONFIGURE;
...and also:
EXEC sp_configure 'clr enabled' , '1';
RECONFIGURE;
Along the way, I tried signing the assembly (generated a self-signed cert in a pfx), but could not figure out how to get SQL Server to trust the certificate.
As best I understand it, what I've done is acceptable for a local development deployment, but this is not the right way to deploy to a live environment (or to push to an Azure database service).
I've seen advice which suggests deploying to an older version of SQL Server in order to extract a hash of the assembly to use in a command which will establish trust; this is not useful to me because I only have SQL Server 2017 and have no intention of installing something like 2008 just to extract a hash.
What is the sequence of steps I must perform to successfully deploy my custom assembly with my database and establish trust "the right way", and what exactly does each of those steps accomplish? Part of my problem is a lack of clarity around the need, purpose, side-effects, and "meaning" of each required step.
Related
I'm new to docker and I love the implementation of it since
I wont suffer with auto running with SQL Server now which eat up my
precious MEMORY.
Though when trying to run a code to allow "import" data's from a "Access.mdb" file
using MS Access Database Engine but I got stuck with it..
EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'Ad Hoc Distributed Queries', 1;
RECONFIGURE;
EXEC master.dbo.sp_MSset_oledb_prop N'Microsoft.ACE.OLEDB.12.0',N'AllowInProcess', 1
EXEC master.dbo.sp_MSset_oledb_prop N'Microsoft.ACE.OLEDB.12.0',N'DynamicParameters', 1
I already installed the MSAccessDatabaseEngine in my PC (not in docker) and when I ran it
the error is:
A severe error occurred on the current command. The results, if any, should be discarded.
So I think it should be installed inside the container, my question is... is there anyway around to install this one together with the SQL Server container?
Cheers!
I have a very strange situation on SQL Server that I cannot fathom out.
Environment : SQL Server 2012 SP3 CU3 running on a 2 node Windows 2008 R2 cluster
In SQL Server Management Studio\Management\Maintenance Plans\ I am unable to create or edit existing plans.
I receive the error:
'Agent XPs' component is turned off as part of the security configuration for this server. A system administrator can enable the use of 'Agent XPs' by using sp_configure. For more information about enabling 'Agent XPs', see "Surface Area Configuration" in SQL Server Books Online. (ObjectExplorer)
Checking around that error I expected the following config was going to be required.
-- To allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1;
GO
-- To update the currently configured value for advanced options.
RECONFIGURE;
GO
-- To enable the feature.
EXEC sp_configure 'Agent XPs', 1;
GO
-- To update the currently configured value for this feature.
RECONFIGURE;
GO
However, I noticed that SQL Agent was already running so I thought I would also check existing config options for 'Agent XPs'
What was interesting was that config_value = 0, run_value = 1 where I was expecting config_value = 1, run_value = 1.
I thought I'd try the sp_configure solution to 'force' the config but when I ran it (step by step), the first RECONFIGURE statement just hung and indeed when it ran I could not even run an sp_who2 to see if it was blocking or being blocked.
The only way I could kill the RECONFIGURE was to close the query window which cancelled it. I therefore am unable to run EXEC sp_configure 'Agent XPs', 1 as the required RECONFIGURE cannot be run.
After a failover of the cluster, the config settings for 'Agent XPs'
remains at config_value = 0, run_value = 1.
Has anyone got any ideas as to how to fix it?
I stumbled across an internet post with a similar issue and that contained a nugget of information that allowed me to ultimately fix the issue.
I documented the case over at SQLServerCentral
https://www.sqlservercentral.com/Forums/1927277/SQL-Server-2012-tells-me-Agent-XPs-component-is-turned-off-but-SQL-Agent-is-running
I'm currently on a host(A), connecting to a MSSQL database on server(B).
When I do a System call, such as
EXEC xp_cmdshell 'Systeminfo' GO
from within MS SQL 2008 it always returns me system information from the client(A) I'm currently running my SQL management tool on.
Is there a possibility to run System calls that will return me information from the server(B)?
I have since asking this question rebooted, and tried all the steps again:
1. Turn off local server
2. Connect to external server
3. Turn on XP_CMDSHELL command for the external server using
-- To allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1;
GO
-- To update the currently configured value for advanced options.
RECONFIGURE;
GO
-- To enable the feature.
EXEC sp_configure 'xp_cmdshell', 1;
GO
-- To update the currently configured value for this feature.
RECONFIGURE;
GO
And then just run
EXEC xp_cmdshell 'Systeminfo';
GO
Weird that it works now,because I couldn't get it to work past weeks.
It might be very basic question for you friends, but how to allow multiple users on SQL Server installed on remote windows server 2012 machine.?
right now only two user can work at the same time if third one comes one of two who are active has to allow and get out himself.
we are building new server which will allow multiple user to work on the same time.
My question is once we install SQL server on windows server machine what configuration needs to be done to achieve our goal(Multiple user can work on same time) on server machine as well as what configuration needs to be done on computers of people who will be logging into it.
do we need same number of instance similar to how many people will be working on it? if yes it means that many number of same database on the server and more space will be occupied right?
Thanks.
EXEC sp_configure 'show advanced options', 1;
GO
RECONFIGURE;
GO
EXEC sp_configure 'user connections', 777;
GO
RECONFIGURE;
GO
Replace 777 with your limit of connections.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Enable ‘xp_cmdshell’ SQL Server
When I run xp_cmdshell command in SQL Server 2012, I get the following message:
SQL Server blocked access to procedure 'sys.xp_cmdshell' of component 'xp_cmdshell'
because this component is turned off
as part of the security configuration for this server.
A system administrator can enable the use of 'xp_cmdshell'
by using sp_configure. For more information about enabling 'xp_cmdshell',
search for 'xp_cmdshell' in SQL Server Books Online.
But, in SQL Server 2000 this query is executed successfully.
This has been disabled out of the box starting with SQL Server 2005, when they introduced the Surface Area Configuration Tool, in an effort to make SQL Server more secure by default. That tool has since been retired, but you can still control the behavior using sp_configure. An example is shown on MSDN:
-- To allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1
GO
-- To update the currently configured value for advanced options.
RECONFIGURE
GO
-- To enable the feature.
EXEC sp_configure 'xp_cmdshell', 1
GO
-- To update the currently configured value for this feature.
RECONFIGURE
GO
(I also blogged about this many years ago.)
The reason is that this is a potential security hole. If you allow SQL Server to execute xp_cmdshell, then they can theoretically send any operating system command there, bypassing any and all security you thought you had. This is especially problematic when the SQL Server service account and/or the proxy account have been elevated to sysadmin or other levels because that's easier than explicitly defining only the exact things they should be able to do.
Rather than enable it and disable it to support command-line interaction, a popular way to expose operating system functionality while still having some control over security is to implement the OS-level functionality you need using SQL-CLR. Here is a good starting point for accessing the file system with CLR (however if you search around you will find much more modern and exhaustive approaches).
This is disable for sql server 2012.
But you can run the following command in sql server 2008..
EXEC sp_configure 'xp_cmdshell', 1
RECONFIGURE