Downgrading from a 12.5.4 server to an earlier version of 12.5.x when encrypted columns has not been configured  Replication issues with downgrade

Chapter 6: Downgrading Adaptive Server

Downgrading from a 12.5.4 server to an earlier version of 12.5.x when encrypted columns has been configured

Use the following procedure to downgrade from a 12.5.4 server to an earlier version of 12.5.x when encrypted columns has been configured.

  1. If encrypted columns are not currently enabled, the system security officer executes: 

    sp_configure 'enable encrypted columns',1

  2. Use drop or alter to decrypt all tables with encrypted columns in all databases. The system security officer runs the following command in each database where encryption keys were created to list all encryption keys created in that database: 

    sp_encryption help

    For each key listed, the system security officer runs the following to see a list of columns encrypted with a particular key: 

    sp_encryption help, <keyname>, 'display_cols'

    For each encrypted column, one of the following steps must be performed:

    1. alter table to decrypt the encrypted column

    2. alter table to drop the encrypted columns

    3. drop the table containing the encrypted column

    After the data encryption has been removed, drop the encryption key.

  3. To guarantee that no other user can access Adaptive Server while a system table is removed, restart the server in single-user mode. See the Utility Guide for details on starting the server in single-user mode.

  4. To remove the sysencryptkeys catalog and the new columns in syscolumns from each database, a user with sso_role and sa_role must execute:

    sp_encryption remove_catalog

    If a database is unavailable, the command prints an error and exits. You should bring the unavailable database online and execute sp_encryption remove_catalog again.

    If columns encrypted by any key in sysencryptkeys exist, the command does not drop sysencryptkeys, but prints an error or warning and continues with the next database. If sp_encryption is successful in removing sysencryptkeys and the new columns from syscolumns, it also removes these rows from sysattributes in each database:

  5. Drop the system stored procedure sp_encryption from the sybsystemprocs database.

  6. Shut down the server. You can now use a 12.5.x Adaptive Server binary from a pre-12.5.4 release area.

  7. Copy the RUN_SERVER file to a 12.5.x release area and modify it to use the data server binary from the 12.5.x release area.

  8. Restart the server using the modified RUN_SERVER file.

  9. Run the 12.5.x version of installmaster to return stored procedures to their original version.

To re-enable encrypted columns, when rolling forward from a downgraded 12.5.4 server back to 12.5.4, configure enable encrypted columns. Upon restarting the 12.5.4 server, the sysencryptkeys system table and the new columns in syscolumns are installed in each database.




Copyright © 2006. Sybase Inc. All rights reserved. Replication issues with downgrade

View this book as PDF