We have a Server A and a Server B.
In Server A we have our ERPs made in Access and VBA.
In Server B we have an instance of SQL Server that needs to stay in that server.
Some Access databases need to link to some tables from that SQL Server instance and I don't want the password to be stored in the MSysObjects table, so I cannot manually link the tables checking the save the connection option.
I saved the connection string in a table with password obfuscation. With that connection string I re-link the tables on startup.
The instance is accessed through it's IP, not the name of the instance. If I use the name of the instance it doesn't work.
It works for me but not for other users except one.
The SQL Server instance has been properly configured to allow remote connections, the ports have been opened and rules added to firewall. If it wasn't properly configured it wouldn't work for me and the other user, so I'm pretty confident in that. The same with the connection string and the methods to stablish the connection in Access.
What I've tried:
Installing the SQL Native Client 11.0.
Installing a full SQL Server Express.
Configured the SQL Browser service to star automatically instead of being disabled.
Step 1 did not work for any user. Step 2 did work for one user but not for the rest. Step 3 did not had any effect. For me I had it installed in my machine since forever, so it doesn't apply.
If I try to do the same with a SQL Server instance in our LAN it works for every user, but not when the instance is in a remote server.
Note I have limited knowledge. Maybe I say something that does not make sense.
Ok, a few things:
Installing the SQL Native Client 11.0.
Ok, then you have to re-link the tables - choose the new driver. A refresh of the linked tables is NOT sufficent. And this ALSO means that each work station ALSO now must have native 11 instlled. And if you say decide to link using native 17 (a much newer odbc driver), then AGAIN YOU must install this native driver on each work station. While you can install multiple sql drivers on each workstation, the driver you used to link the tables MUST ALSO be installed and exist on each work station.
Installing a full SQL Server Express.
Why? What would installing a copy of sql server have to do with OTHER sql servers on other machines that you are attempting to connect to? You think installing sql server on a machine effects the sql server running say on amazon.com? So, this move makes no sense at all.
You are attempting to connect to some instance of sql server running on some other computer. Makes no sense nor will it help to install some copy of sql server that you not using, not connecting to, and that has zero to do with this issue.
Configured the SQL Browser service to star automatically instead of being disabled.
Where? The browser service is set to run and startup on the server and SAME machine where sql server is installed and running. So, yes, without question, those two sql servers A, and B most certainly MUST have the sql browser service running. That service is what allows the client computers to connect to that running instance of sql server. In the past, older (previous) versions of sql server would allow a default connection, but now in near all cases, you MUST ensure that the sql browser service is running on that computer that also has the database you are attempting to connect to.
it's worth to note that the instance is accessed through it's IP, not the name of the instance.
No, you likly have this incorrect. There are two part.
The server name - and then the "instance" of sql server running.
While you can swap out (not use) the server name, you STILL WILL NEED to specify the sql server instance.
So, you can use this format:
myservername\SQLEXPRESS
Or, you can replace the server with a IP address, but you STILL NEED the sql server instance. (by default, it is SQLEXPRESS - but you have to check what the instance of sql server database is).
192.168.1.30\SQLEXPRESS
So while you can use IP or server name - it is often more reliable to use the IP address, but that does NOT get you off the hook from having to specify the sql instance you connect to. Again, previous editions of sql server often allowed a "default" instance, and you did not in general have to specify the "instance", but now you do. And to be double clear, when using such a instance, that sql server needs to be running the sql browser service. (in fact, the browser service is what translates the incoming request to the given and correct instance of sql server).
I DON'T want the password to be stored in the MSysObjects table,
You don't have to, and in fact should NOT include the uid/password in your connection string. And in fact ZERO reason exists to do so.
What you do is execute a one time logon, and THEN link the tables without UID/password. This is not only a great idea, but it also means that your uid/password is not included in the connection strings, but also means users can't get at, or even by accident see/get the uid/password.
It also means that say someone where to launch a copy of access, and import the linked tables from this applcation. When they attempt to use the linked tables, they will NOT work.
So, then how do linked tables work without a password? (and this ALSO by the way saves you from having to re-link tables on startup!!!).
The way this works, is you in code execute a one time logon to the server on startup. That means you can either:
Prompt the user for their sql UID/password.
or
Have in code, the uid/password. (or perhaps in a text file y ou read on startup. You can thus hide, or encrypt or whatever for that uid/passwords.
Then in your startup code, you execute a one time logon. Once you done this, then all linked tables will now work - and work without having uid/password.
since you have two servers then you need to execute two logons, one for server A, and one for server B. But, once again, as long as the linked tables exist, then they will work.
Now, there are "longer" articles on how to use this logon idea, and then not have to include, or re-link your tables for the SQL uid/password.
The basic code to execute a logon is like this:
Function TestLogin(strCon As String) As Boolean
On Error GoTo TestError
Dim dbs As DAO.Database
Dim qdf As DAO.QueryDef
Set dbs = CurrentDb()
Set qdf = dbs.CreateQueryDef("")
qdf.connect = strCon
qdf.ReturnsRecords = False
'Any VALID SQL statement that runs on server will work below.
' this does assume user has enough rights to query built in
' system tables
qdf.sql = "SELECT 1 "
qdf.Execute
TestLogin = True
Exit Function
TestError:
TestLogin = False
Exit Function
End Function
Keep in mind, that ONCE you acheived a legal logon, then EVEN addtional logon attempts will return true.
Not usually a big deal, but this means you supply a valid connection to above, and if it logs on and works - then now all your linked tables (without uid/password) will work.
I note the above issue that ONCE you done the logon, then all 2nd or more times running the above will work (even if bad or incorrect!!! - DO NOT forget this tip!!!). (this can confuse the daylights out of a developer, since they execute logon, (or open a table). Then they test above routine with a BAD uid/passwords, and it works!!!
So, you have to EXIT access to clear out the password cache - no other way.
So, keep the above tips in mind.
I have a project that current uses a hard coded SQL connection string. I want to make this more flexible so that when I move it to another environment the user can browse for the SQL server to connect to since it will have a different than my test server. I have tried countless ways to Google for a solution and I am just not getting any hit. I am looking for something similar to the open file dialog in VB, except for SQL servers, where it will list all the servers available on the network and let the users select one, then enter credentials.
Does such a thing exist?
Thanks!
It should be easy to develop a dialog box similar to one SQL Server Management Studio uses. Be aware that all instances on the network cannot be enumerated because broadcast packets are not typically routed and due to firewalls so you'll need to allow the user to enter a server name in the combobox. Here's a code snippet to return a DataTable of the found instances (http://msdn.microsoft.com/en-us/library/a6t1z9x2(v=vs.110).aspx):
Dim dt As DataTable = System.Data.Sql.SqlDataSourceEnumerator.Instance.GetDataSources
Below is a screenshot of the login dialog from SSMS. Just populate the server name combobox with the server and instance names from the data table, and add the other needed controls.
I have a VB procedure that changes a connection string for all 360 linked tables in my Access 2002 database. If I run this procedure using an SQL server in my local network, it runs about 30 seconds. The problem is that I have to use an SQL server somewhere in the Internet. In this case the procedure runs for about 5 minutes.
The question is - how can I prevent Access from connecting to the server to check every table I re-connect?
An alternative question (maybe more correct).
I need to run that re-connection procedure on every user's computer every time I give them a new version of the database, to save user's login and password into every linked table. Maybe there is some other way to set the username and password for the ODBC connection?
Linked tables do NOT all of a sudden decide to connect to some some server. So the recommend approach here is to link the tables once (and leave the password + user name OUT of the link).
Then on startup, all you do is execute ONE logon command and then ALL OF THE tables are instant available and able to be used WITHOUT any re-link or re-fresh of the conneciton string. Same goes for any pass-ghouth queries etc.
So the existence of a linked table IS NOT USED on startup and you can have 3 or 300 linked tables and launch Access WILL NOT cause a connection to occur “unless” you decode to do something like a re-link.
Bottom line:
You don’t and should not re-link on startup
You do not need to include the user name + password in the table links.
A ONE TIME logon at startup will cause Access to “cache” the user name + password and this will be used for ALL CURRENT EXISTING table links. The beauty of this is when the user exits the applctaion then no passwords etc. are stored in the linked tables.
So you cannot prevent access from connecting to the server during a table re-link since that what it must do.
However there is LITTLE if not ZERO reason to re-link every time on startup? Why are you doing a re-link are startup?
I need to run that re-connection procedure on every user's computer every time I give them a new version of the database,
Why not link the database on your machine BEFORE you distribute it to that user? After all the connection is over the internet – so you should be able to link to that database system from your development computer. And assuming you cannot, then ok, perhaps you might beforced to do a ONE time re-link. Try the re-link with a cached logon – it likely will run faster, but then again it will only be a one time re-link anyway.
save user's login and password into every linked table.
NO NO this is NOT required nor is recommended. If a user holds their mouse over a linked table then if you included the user name + password it is in plan view.
You DO NOT want to include the user name + password in each linked table. How to execute a SINGLE logon and have that logon used for ALL tables (without a re-link) and for ALL tables EVEN without the user id + password saved is outlined here:
Power Tip: Improve the security of database connections
http://blogs.office.com/b/microsoft-access/archive/2011/04/08/power-tip-improve-the-security-of-database-connections.aspx
When I link the Microsoft Access to SQL Server locally, everything works. The second I go to a computer that is on the network, I am not able to open the form I created on the Access database.
I found out that if I open the link, I will get an error. If I choose where the DB through configurations in Access, I get the error again. If I try this a third time, it connects to the database and it is fully linked--I am able to type data into Access and it will store it in the SQL Server database as well.
My question is: How do I get it to connect to the server on the first try? I have to hit "connect" three times which takes about 5 minutes to log in. That isn't very efficient when the people using this program nothing about computers.
Linking Access to SQL Server uses ODBC. Make sure your ODBC settings are correct.
Can I use OPENDATASOURCE (or another mechanism) from a Stored Procedure to connect to the same database as a different user? If so, how?
The database is meant to be deployed to several customers, and replicated by them as many times as they want to, etc. For this reason, I CANNOT HARDCODE the database server's name or the database's name.
(I tried using OPENDATASOURCE, but it only accepts hardcoded connection strings.)
Might EXECUTE AS work in your situation? http://msdn.microsoft.com/en-us/library/ms181362.aspx
You can set up a Linked Server to connect to the remote server using the login's current security context (or other options as it applies to your situation).
From your stored procedure, you could access it with something like SELECT * FROM mylinkedservername.mylinkedserverdatabase.dbo.mytable
But you say you want to connect to the same database but using a different login? You're looking for impersonation. Perhaps you can do this making a Linked Server that references itself, I haven't tried it. Search Microsoft Help documentation for how to set it up normally and test if it does what you're looking to do.