--建立實驗用資料庫
use master
if exists(select [name] from sys.databases where [name] = 'sales')
drop database sales
create database sales
if exists(select principal_id from sys.server_principals where [name] = 'ryan' and [type] = 's')
drop login ryan
create login ryan with password = 'p@ssw0rd'
if exists(select principal_id from sys.server_principals where [name] = 'teddy' and [type] = 's')
drop login teddy
create login teddy with password = 'p@ssw0rd'
go--建立使用者ryan,並建立資料庫主金鑰
use sales
if exists(select * from sys.database_principals where [name] = 'ryan' and [type] = 's')
drop user ryan
create user ryan for login ryan with default_schema = dbo
goif exists(select * from sys.database_principals where [name] = 'teddy' and [type] = 's')
drop user teddy
create user teddy for login teddy with default_schema = dbo
gocreate master key encryption by password = 'p@ssw0rd'
go--使用服務主金鑰加密資料庫主金鑰,
--在此刪除,因為發現資料庫主金鑰建立時預設及利用服務主金鑰加密
--利用服務主金鑰加密的資料庫主金鑰稱為自動金鑰管理
--可以利用以下查詢語句是否啟用資料庫主金鑰的自動金鑰管理
select [name], is_master_key_encrypted_by_server from sys.databases where [name] = 'sales'
--以下語句用於啟用資料庫主金鑰的自動管理
--alter master key add encryption by service master key
go--為ryan建立證書
if exists(select [name] from sys.certificates where [name] = 'cert_ryan')
drop certificate cert_ryan
create certificate cert_ryan authorization ryan
--encryption by password = 'p@ssw0rd'
--建議不要使用密碼,因為經過測試,是用密碼的證書是利用密碼保護,
--而非資料庫主金鑰,可用以下語句測試證書的加密方法
--select [name], pvt_key_encryption_type_desc from sys.certificates
--where [name] = 'cert_db'
with subject = 'certificate for database',
start_date = '01/01/2006',
expiry_date = '12/31/2015'
go--為teddy建立證書
if exists(select [name] from sys.certificates where [name] = 'cert_teddy')
drop certificate cert_teddy
create certificate cert_teddy authorization teddy
--encryption by password = 'p@ssw0rd'
--建議不要使用密碼,因為經過測試,是用密碼的證書是利用密碼保護,
--而非資料庫主金鑰,可用以下語句測試證書的加密方法
--select [name], pvt_key_encryption_type_desc from sys.certificates
--where [name] = 'cert_db'
with subject = 'certificate for database',
start_date = '01/01/2006',
expiry_date = '12/31/2015'
goselect * from sys.certificates
--為ryan和teddy分別建立利用證書保護的對稱密碼
create symmetric key key_sym_ryan authorization ryan
with algorithm = triple_des
encryption by certificate cert_ryan
gocreate symmetric key key_sym_teddy authorization teddy
with algorithm = triple_des
encryption by certificate cert_teddy
go--建立測試用表
if exists(select [name] from sys.tables where [name] = 'encryption')
drop table encryption
create table dbo.encryption
(pt nchar(10), --plain text
et varbinary(128), --encrypted text)go
grant select, insert on encryption to ryan
grant select, insert on encryption to teddy
--完成準備工作,開始測試加密
execute as login = 'ryan'
open symmetric key key_sym_ryan decryption by certificate cert_ryan
insert into encryption
values (n'ryan',encryptbykey(key_guid('key_sym_ryan'), n'ryan'))
close all symmetric keys
revert
execute as login = 'teddy'
open symmetric key key_sym_teddy decryption by certificate cert_teddy
insert into encryption
values (n'teddy',encryptbykey(key_guid('key_sym_teddy'), n'teddy'))
close all symmetric keys
revert
--測試資料已經被加密
select * from encryption
--解密資料
execute as login = 'ryan'
open symmetric key key_sym_ryan decryption by certificate cert_ryan
select pt, convert(nchar,decryptbykey(et)) as et from encryption
close all symmetric keys
revert
execute as login = 'teddy'
open symmetric key key_sym_teddy decryption by certificate cert_teddy
select pt, convert(nchar,decryptbykey(et)) as et from encryption
close all symmetric keys
revert
SQL Server2005複製實現
一 準備工作 1 在發布伺服器上建立乙個共享目錄,作為發布快照檔案的存放目錄。例如 在d 盤根目錄下建資料夾名為pub 2 設定sql 發布伺服器和訂閱伺服器均設定 步驟 開啟服務 控制面板 管理工具 服務 右擊sqlserver agent 屬性 登入 選擇 此帳戶 輸入或選擇第一步中建立的win...
SQL Server 2005完全解除安裝
sql server 2005的解除安裝是乙個非常頭疼的問題。我曾經嘗試過直接使用 新增或刪除程式 工具解除安裝 清除安裝目錄 刪除登錄檔內容等等各種方式綜合解除安裝,勉強成功。現在終於找到了乙個事半功倍的方法,多次嘗試,未有失敗,具體如下 第一種是微軟官方提供的工具 msicuu2.exe 微軟官...
SQLSERVER 2005 遞迴查詢
專案中有使用者組表usergroup如下 其中pid表示當前組的上級組 表資料如下 現在想查詢出頂級組 沒有上級組叫頂級組 a1組的所有子孫組id,sql如下 查詢子節點 with rtd1 as select id pid from usergroup rtd2 as select from rt...