Re: Integrate AzMan with SQL Database?
- From: Bradley Plett <plettb@xxxxxxxxxxxxxxxx>
- Date: Wed, 20 Aug 2008 10:41:25 -0600
Unfortunately, whereas that URL leads to a reasonably good article on
row-level security, it is a simplistic approach that does not
implement any of the flexibility nor administrative features that
AzMan (nor Active Directory, for that matter) provides. I know how to
add a user name to each row, etc., but that does not provide a
hierarchical (e.g. AD groups) nor role-based (as per AzMan) system.
Whereas I could extend it to do that, I'm sure I'm not the first to be
faced with this, and I'd prefer not to reinvent the wheel!
Brad.
On Wed, 20 Aug 2008 08:30:46 +0300, "Uri Dimant" <urid@xxxxxxxxxxx>
wrote:
http://vyaskn.tripod.com/sql_server_security_best_practices.htm --------security.
best practices
"Bradley Plett" <plettb@xxxxxxxxxxxxxxxx> wrote in message
news:1dsla413ljmb5p92qvib5vl0qddar5ha13@xxxxxxxxxx
I don't know if this is the right newsgroup for this, but....
We need to secure records in a table based on Active Directory
permissions. Can someone point me to a good resource (with examples)
of how to go about this? Here is some pseudo-code of what I'd like to
be able to do:
select * from mytable where UserIsAllowed("Brad")
In this example, the "UserIsAllowed" function tests each record,
presumably using AzMan, checking both the user and the groups the user
belongs to.
Any help would be appreciated. Thanks!
Brad.
- References:
- Integrate AzMan with SQL Database?
- From: Bradley Plett
- Re: Integrate AzMan with SQL Database?
- From: Uri Dimant
- Integrate AzMan with SQL Database?
- Prev by Date: Re: Logon triggers
- Next by Date: Re: Trigger to get log file transaction into a table.
- Previous by thread: Re: Integrate AzMan with SQL Database?
- Next by thread: Re: Trigger to get log file transaction into a table.
- Index(es):
Relevant Pages
|
