I have started a new job and there is currently no database to store data which I need to perform some financial analysis (what a shame). I have to start from scratch and build a few tables which I will load every day. This is all new to me.
I will ask IT to install SQL Server Management Studio as well as a local server instance, in which I will store my tables (similar to SQLExpress instance installed on my personal laptop).
I will then load the data everyday, I am worried that other people on the network can play around and amend the data.
Do I need to secure the database or not (since its a local install)?
In case they install it on a common drive, how do I make sure that a password is needed to get in or that other people only have read access?
Thanks and Regards
Related
I am working on building a database through SQL Server. I am going to link it to Microsoft Access so that others can easily view and manipulate the data.
I am only at this place for a temporary amount of time, so I need to make sure that someone else in the office can maintain the database once I am gone. If I am only able to use my own personal computer server, is there any way for me to send the entirety of my work to someone else? Or will they have to recreate everything on their own server?
We are maintaining Microsoft Access 2016 database for Locker Management Inventory. The database contains complex queries (Computed Columns) , Reports and Database backend file is also on the same computer.
We are required to use SQL Server Management Studio 2012 as our Back-end for Microsoft Access Forms and this form is required to be accessed by 10 Users on LAN. Please guide Step by Step Procedure for this task.
Thanks in Anticipation.
Access is inherently multi user and has no problem linking to tables on a SQL Server that is on the same LAN.
The design steps are typically to design the application in Access, unsplit, in a single file. Then when the app is ready - one splits the file into a back end and front end that are linked. One can copy the front end multiple times for multiple users.
These steps above are all Access and you'll find good documentation online and in any textbook for the Access database.
The final step, if one must use SQL Server as the back end, is to then import those tables from the Access back end file into the SQL Server. This is not uncommon but the instructions for this would be in SQL Server area.
Hope this helps.
One must understand the fundamental architecture: a multi user Access application is 2 files: front and back (this is actually what they are called). There is only 1 back file - it is where the tables are held. The front file can be copied repeatedly, 1 per user, and all fronts link to the single back end file.
SQL Server is the back end and Access is the front end - in your case.
One only really needs the SQL Server product as the back end file if the payload is particularly high. Pay load is combination of the quantity of records and simultaneous users.
The basic approach is to split your database into two parts. A built in database splitter is built into Access. Once done, you could in theory just place the back end accDB access file on some server folder that is shared to everyone. You then use the linked table manager in Access to link to the back end file.
Since you been “mandated” to use SQL server, then you would migrate the back end accDB file tables to sql server, and then re-link (again use the built in table manager) to link the tables to SQL server. So the process for linking to an access file, or linking to sql server is near identical. The end result is your access application will now be using tables that reside on SQL server. From a developer and even user point of view your forms, code, reports etc. will continue to run as before.
And as a general rule it only makes sense to run SQL server on your machine for development use. You would have to copy/transfer the sql database to that “mandated” instance of SQL server they are telling you to use that presumably is running on some server. It would not make sense to mandate use of SQL server without you being provided with some server running SQL server.
It certainly is possible to allow users to connect to YOUR computer running SQL server, but that seems less than ideal since if you re-boot, shut down or your computer freezes, then all other users would suffer a connection break and much inconvenience.
I mean, right now if you have a shared folder for all users, such folders are typically NOT placed on one users computer, but some dedicated machine that acts as some kind of server for everyone.
So if they are telling you to use SQL server, then it quite much assumed they are providing a dedicated machine that is running SQL server. So certainly for development you can (and even should) run SQL server on your machine. However you would then have to transfer that database to the computer/server they are telling you to use with SQL server. And then you would re-link your Access application tables to now point to that production server. The last step would be to then distribute this correctly linked application to each user. So just like all software you purchase such as word, or Excel, you STILL install that software on each computer. Now that you are building software, then you as a developer will adopt the same concept – that is to distribute and install your software on each workstation. So while you might use word or Excel (or Access) from the local computer, you also may well often “share” some data files (but NOT the application) on the server.
As long as the application you distribute to each workstation is correctly linked and points to the server based edition of SQL server, then you all be sharing the same database. You will NOT in practice have multiple users working on and using the application you created, but distribute that Access application to each workstation. How you “get” that application to each workstation is not really any different then how you would supply a word document or Excel sheet – the only requirement here being that each workstation gets their own copy. Since each users copy of this application has linked tables that point to SQL server, then you all working on and sharing a common database.
So the first concept to grasp is that of spitting a database. I explain this concept here:
http://www.kallal.ca/Articles/split/index.htm
As for some steps and migrating to sql server, here is a great starting point:
https://www.fmsinc.com/MicrosoftAccess/SQLServerUpsizing/index.html
I'm new to SQL server and I have a question
I created a database on a SQL server local DB instance and then I copied the .mdf file of the database to a USB flash drive and I was able to open the database from a different user account'
So I want to understand why is it so? Does it mean that anyone can copy my database file and open it on their own server? And how can I secure that?
Thanks
Does it mean that anyone can copy my database file and open it on their own server?
Yes, as long as it's the same version of SQL Server. This is why it's critical to maintain control of a server running SQL Server and prevent unauthorized access to the file system or backups.
So I want to understand why is it so?
The same software uses the same format. Much like how an Excel document can be saved on one computer and opened on another, so, too, can a database. By default, SQL Server stores data in the easiest and most straightforward manner it can for best possible performance. Security of the data files is often a secondary concern as most SQL Servers physically reside behind locked doors and OS access is restricted to computer administrators with domain authentication.
If you're running SQL Server 2008+ Enterprise, you have access to Transparent Data Encryption which will encrypt the data files on disk. That doesn't prevent moving the database if you have full access to the original host system, but it does mean there are additional steps and it will be difficult to access the data by directly reading the data from the disk. Furthermore, you can also encrypt your backups (I believe SQL Server Standard and above supports this, I'm not sure about Express).
As far as Express LocalDB... your options are pretty limited. You can use NTFS level encryption, but that will impact performance as the DB engine is no longer aware that encryption is going on. Furthermore, anybody who can access the DB unencrypted would be able to access the DB files to copy, so you're not actually protected against inside attacks. You could also use BitLocker full disk encryption, but again, that will come with some I/O cost and, again, doesn't protect against inside attacks.
Finally, no matter what you do anybody with sa or dbo level access to the server will be able to read your data. You can choose to store only encrypted data in the DB, but that pretty much eliminates any advantage of using SQL, and your application would still need to store the means to decrypt it somewhere, which means someone could find your decryption key and work backwards from there.
If the server is a real production server and it's properly secured, people should be able to connect to the database (using the server name and the database name and some kind of authentication), but beyond that, no one except administrators should have any other kind of access to the server.
Specifically, no one but the administrator(s) should:
be able to see the .mdf file or the folder that contains it
have physical access to the server so that they are even able to plug in an USB flash drive
That's how it should be on a "real" server.
SQL Server LocalDB is a local-machine-only version of SQL Server Express for development.
So I guess that the machine you're talking about is a development machine.
But it doesn't matter if it's a production server or development machine - the following always applies:
Whenever someone has access to the actual physical machine, they will be able to copy the database files.
When someone has a copy of the database file, they will be able to restore it on another server and open it with an admin account, no matter what permissions you had set. An admin account will always be able to open it.
There's no way to prevent this, other than to make sure that evil people with USB flash drives will never have any kind of access to that computer, beyond remotely connecting to the database.
EDIT:
What about data encryption and special key?
I personally didn't know about it before, but there's already some information about it in the other answer - go read it.
TL/DR:
Moving the database becomes harder, but not impossible
Getting the data out of the database becomes even harder than moving
...but the OP isn't able to use it, because he's using LocalDB (=Express Edition), but Transparent Data Encryption is available in Enterprise Edition only.
I'll start by explaining what the current set up is and then go onto where it needs to be.
Currently we have a local SQL Server database for a CMS. The database is updated from other servers on site to update product information to display on the website, and CMS information is updated from an MVC application.
Moving forward we need to have a remote server with a SQL Server database that is an identical copy of the local database, this database will never be updated from the remote location.
The problem arises when attempting to design a method to sync the data from the local database to the remote server with no downtime on either end. I know SQL Server Enterprise has features that would help in this case, but we do not have a licence for it at this time.
The best idea we have come up with is to log ship to the remote server, create a restore from database that is receiving the logs being shipped and then update the website's web.config to point to the newly restored database. This could work, but seems overly complicated and we have an issue of an ever changing database name.
If any one could think of a better/simpler solution or a way to make the current idea better it would be much appreciated.
If anything is not clear or more info is needed let me know.
I think the logshipping solution fits your needs. After a one-time setup proces, the logs would be continually shipped from the local db to the remote db. Keeping the remote perfectly in sync with the local one, providing you with the readonly copy.
Logshipping is available in all editions, besides Express.
There would be no need for a continuous restore process.
You can find more information here.
Hi everyone I hav a small problem in uploading my database. I have created a localhost website on my pc for a vehicle tracking system and now i have no clue in uploading it. It's got two Microsoft Access databases in my pc which is used in the website and they get updated at very regular intervals(almost every second) it has to be uploaded to the web real time. Right now I use ODBC on a localhost..
Does anybody have any idea how to do it?
Please help if so...
Depending on your traffic using ACCESS in a webserver multi user environment will be a real pain. (File in access, etc). Perhaps try to build a webservice to make changes directly on the server?
If you don't want to use ODBC you may have a look at ADO connectionstrings (www.connectionstrings.com is a goot starting point).
I would concur with #Sascha I wouldnt even bother wasting the time trying to run your site with access.
Depending on your host you should have access to a free mysql or mssql database. Use this instead. Write a new page that takes parameters and writes them to your online database, that way you can set up a relay on your machine that pushes the changes from your local machine to the web.
This is definitely not easy, but it can be done. You would need to run a SQL Server database on the web server, and then push the data from Access to SQL Server, or pull it from SQL Server.
We've got a couple of links talking about it at SQLServerPedia:
How can I synchronize data between MS Access and SQL Server databases?
How can I link a SQL Server database to MS Access using link tables in MS Access?
Again, it's not easy - judging by the way you worded the question, you're not going to like the answers that you'll read about. You may want to bring in someone who's experienced with web-based databases and replication in order to bring you up to speed and set your expectations about how challenging this will be.