March 4, 2004 at 6:05 am
Hi.
I'm planning to control the transactions, specifically the SELECT statement, that are being executed by NT users against my SQL Server. Reason is because I would like the programmers to be able to see the data only through the application they are developing and not in Enterprise Manager or through SQL Analyzer. I was thinking of these folowing ideas:
1] Change the SELECT statement behavior by controlling the fields that it shows depending on the user and application used.
2] Or, Executing a login script everytime users connect to the SQL server and there defined the specific security permissions and restrictions.
Though, I've been searching for any ways to do this in SQL Server, I'm always ending up on a dead end.
If anyone knows how to do it, please help me. I would very much appreciate your response.
thanks...
March 4, 2004 at 6:50 am
Why not just not allow the developers to install the sql binaries on their machines? Or do they need those?
March 4, 2004 at 7:01 am
Thanks for the reply.
Actually, we've already thought about that but we're also looking at other possibilities if in case one of them rebeliously install enterprise manager or SQL analyzer. The management is very strict about security.
March 4, 2004 at 7:13 am
Are they developing their applications on their local machines or on an application development server?
March 4, 2004 at 11:52 pm
They do their development and testing on their machines.
March 5, 2004 at 2:23 am
Hi,
Is there any reason why they can't view the data in query analyser?
I'm probably stating the obvious but can't you control access to the data with a typical SQL security model using defined NT groups, database roles and permissions.
You can easily deny access to an NT user (if your authentication is by NT) to do anything other than SELECT.
Have a good one
Graeme
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply