Question : sql server stored procedure and permissions

hello experts,

we are trying to lock down our sql server environment for a custom application.

its a ms sql server 2005 standard install. we have a custom app that has to have full access to a DB on the server, but we don't want any other apps to be able to read/write to that DB.

one suggestion was to use a stored procedure embedded in the custom app that would more or less pass a key/password that would let that specific session to have read/write access to the DB, but any other sessions would have no rights to the target DB.

the DB is being accessed via ODBC connections. one thing we were trying to avoid with the stored procedure setup would be the following scenario:
1. user opens MS access and tries do connect to the DB, but is denied (obviously, this is after we have made the changes)
2. user opens custom app that passes SP to the DB, which gives that session full rights on the DB
3. at this point, the user should not be able to open access back up and connect to the DB, it should be locked down specifically to the session established by the custom application.

questions:
1.  is this possible?
2. if so, how is the best way to do this? stored procedure as mentioned? a better/different way?

my initial thought was to lock tables down to user name (we are using NT authentication), but because of the complexity of the custom app and the vastness (1000+ tables), locking the DB down by tables isn't really plausible.

thanks, let me know if i need to provide more detail.

Answer : sql server stored procedure and permissions

If they have it in cache the best thing to do is have them export it to a pst. Connect to the new exchange server and import it back into their new empty mailbox.

A longer way is to take the psts and put them on a share drive and use exmerge on the server to import it into mailboxes.
Random Solutions  
 
programming4us programming4us