Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

All Forums  SQL Server 2008 Forums  SQL Server Administration (2008)  Limiting access to OLE functions to db procedures?

Author  Topic  talu Starting Member 1 Post Posted - 2010-10-01 : 11:15:39 I am migrating our legacy system to 64-bit SQL*Server 2008. Due to its long history (started in SQL*Server 6) it also uses a set of home-grown extended stored procedures, whose functionality I'm now reimplementing in Transact/SQL. Some of the functions were easiest to reimplement with help of some sp_OA* -methods. The docs I have skimmed only show how to enable OLE procs with <sp_configure 'ole automation procedures',1>. And some forum post somewhere seemed to mention that OLE procs are available only to DBAs (is this correct?). This is fine and dandy for me, being the DBA on this development box. But of course, in the operational configuration the normal application user should and will not have such extensive rights. Our applications need not directly call OLE-methods as all our business logic resides in database procedures. So, does anyone know if it is possible to grant and limit access to OLE-methods only to a small set of wrapper procedures? Or, could a db procedure be written or configured to impersonate a more powerful user temporarily (like the unix setuid programs do) ? But maybe this is not possible? Thanks in advance for anyone's time and insights! -tapio