Re: Permissions???
- From: "Mark J. McGinty" <mmcginty@xxxxxxxxxxxxxxx>
- Date: Fri, 23 Sep 2005 22:07:21 -0700
"Rick" <Rick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2B2B1E17-F6D1-42B4-84A3-3663AF108450@xxxxxxxxxxxxxxxx
> Hi, all:
>
> Dev Tool: VB6
> Server: SQL Server 2000.
> Environment: Windows 2000/Windows XP/Windows 2000 Server
>
> I had an ADO conection to the from a VB Application, wtih this connection
> the user could Write/Read data from server and execute stored procedures.
>
> The connection was made with DSNs(ODBC). The system created the DSNs and
> connected to the server. Now, since we discovered that any one ,who had
> Office 2000 or XP, could connect to the server and have the same
> permissions
> of the VB appliacation user (through the DSN the sytem created), we
> decided
> to do this:
> 1. Use a DSN-less connection
> 2. Validade the user with SQL Server authetication(not by the tursted
> connection.
> 3. Give theses users the same permissions they had before.
>
> Now, the system has a huge number of calls, updates and stored procedures,
> my problem is that the system now nevertheless can use simple SQL-transact
> staments with no prblem; ADO gives the following message when using stored
> procedures:
>
> "Operation is not Allowed when the Object is closed."
Is "the Object" this error refers to a connection or a recordset?
One point of confusion here has to do with cursor and lock type. If you're
opening a forward only/read only recordset and it returns zero records, the
recordset object will be returned closed, because there's nothing that can
be done with it.
The other confusing thing is that a recordset can contain multiple results;
if your stored procedure executes multiple SQL statements -- even ones that
don't return rows -- a result set is created for each unless you include
this statement at the top of the procedure:
SET NOCOUNT ON
Or alternatively, call NextRecordset until it returns an open recordset (or
Nothing.)
How this differs between the ODBC and OLEDB providers I'm uncertain, but
you're right that if it was strictly a permissions issue you would get a
permissions-related error when you executed the procedure.
-Mark
> If the permissions were the problem, I couldn't execute the procedures
> in the Query Analyzer using the same connection, UserID and Password I
> developed for the VB6 application user.
>
> So, I suspect the problem is not the connection itself, there is something
> in my ADO (v 2.5) statement(¿?).
>
> Here is the stament:
>
> strDSN_p= "Provider=SQLOLEDB;Persist Security Info=False;Initial
> Catalog=MyDB;Data Source=MyServer;User Id=SomeUser;Password=somepassword;"
>
> cnADO_p.ConnectionString = strDSN_p
> cnADO_p.CursorLocation = adUseClient
> cnADO_p.CommandTimeout = 400
> cnADO_p.ConnectionTimeout = 240
> cnADO_p.Open
>
> where cnADO is an ADO connection object.
>
> Any ideas??? I'm really worried because most of users have Office in
> their
> computers and some them are system engineers in manegement possitions(not
> in
> the computer department!) and data must be protected(DSN connections are
> trustless!).
>
>
>
> Note: A public permission has been granted to All the stored procedures.
.
- References:
- Permissions???
- From: Rick
- Permissions???
- Prev by Date: ActualSize returns -1 for Text fields
- Next by Date: Re: Getting the correct date format from SQL-Server 2000
- Previous by thread: Permissions???
- Next by thread: Re: Server side cursors and locking
- Index(es):
Relevant Pages
|
|
