You can start the utility database on a database server by specifying utility_db as the database name when connecting to the server. You can use the -su server option to set the utility database password for the DBA user, or to disable connections to the utility database. If the -su option is not specified when starting the utility database, then the user ID and password requirements are different for the personal server and the network server.
For the personal database server, if -su is not specified, then there are no security restrictions for connecting to the utility database. For the personal server, you must specify the user ID DBA. You must also specify a password, but it can be any password. It is assumed that anybody who can connect to the personal database server can access the file system directly so no attempt is made to screen users based on passwords.
To avoid typing the utility database password in plain text, when using the -su option, you can create a file that contains the password and then obfuscate it using the dbfhide utility. For example, suppose the file named util_db_pwd.cfg contains the utility database password. You could obfuscate this file using dbfhide and rename it to util_db_pwd_hide.cfg:
dbfhide util_db_pwd.cfg util_db_pwd_hide.cfg |
The util_db_pwd_hide.cfg file can then be used to specify the utility database password:
dbsrv12 -su @util_db_pwd_hide.cfg -n my_server c:\mydb.db |
See File Hiding utility (dbfhide).
For the network server, if -su is not specified, then you must specify the user ID DBA, and the password that is held in the util_db.ini file, stored in the same directory as the database server executable file. As this directory is on the server, you can control access to the file, and thereby control who has access to the password. The password is case sensitive.
The util_db.ini file is deprecated. You should use the -su server option to specify the password for the utility database's DBA user. See -su dbeng12/dbsrv12 server option.
Start a database server with the following command:
dbeng12 -n TestEng |
For additional security, the -su option can be used to specify the utility database password.
Start Interactive SQL.
In the Connect window, specify the following information.
In the User ID field, type DBA.
In the Password field, type any non-blank password. The password itself is not checked, but the field must not be empty.
From the Action dropdown list, choose Connect To A Running Database On Another Computer.
In the Database Name field, type utility_db.
In the Server Name field, type TestEng.
Click Connect.
Interactive SQL connects to the utility database on the personal server named TestEng.
Start a database server with the following command:
dbsrv12 -n TestEng -su 9Bx231K |
Start Interactive SQL.
In the Connect window, type DBA for the User ID, and type the password specified by the -su option. In this example, the password is 9Bx231K.
From the Action dropdown list, choose Connect To A Database Running On Another Computer.
In the Database Name field, type utility_db.
In the Server Name field, type TestEng.
Click Connect.
Interactive SQL connects to the utility database on the network server named TestEng.
See SQL Anywhere database connections and -su dbeng12/dbsrv12 server option.
When you are connected to the utility database, executing REVOKE CONNECT FROM DBA disables future connections to the utility database. This means that no future connections can be made to the utility database unless you use a connection that existed before the REVOKE CONNECT was done, or restart the database server. See REVOKE statement.
Discuss this page in DocCommentXchange.
|
Copyright © 2010, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.0 |