HOWTO: Securing an Acceler8DB Public Database Name

The information in this article applies to:

• Acceler8DB, Release 4.6 and Higher
• Windows
• Deploy

SUMMARY:

This article provides information on how to secure a Public Database Name.  These security measures will allow various applications to use a Public Database name and will restrict various specified users not to have access to the public database name.

STATUS:

Current.

MORE INFORMATION:

NOTE:  Please coordinate with your Network or System Administrator while working with Windows and determining levels of security and while working with the Registry.

Description of a Public Database Name:

• Public Database names can be "seen" by everyone on the Local Machine.  A public database name is similar to a private database name, except it is prefixed with "*Public/" (without the quotes).  A public database name is not "secure"; in that, it can be accessed by anyone that has access to the machine where the database name exists.  Some deployed environments may require the use of Public database names.

  An example of a Public Database name is: "*Public/ASNA Local DB".

  These database names are registered in the HKEY_LOCAL_MACHINE section.

Steps on Setting Security Permissions on your Public Database Name:

NOTE: These following steps assume there is a current Public Database Name already configured and in use.  You will have to be logged in as Administrator to modify registry values.

1. Open your Registry using Microsoft's Registry Editor: REGEDT32.EXE (not REGEDIT);
2. Go to the HKEY_LOCAL_MACHINE window;
3. Select the SOFTWARE -> ASNA -> Acceler8-DB -> CurrentVersion -> DataSources -> *PUBLIC Key;
4. You should see all of your Public database names (See Figure 1);
5. Select the database name you wish to restrict;
6. In the Registry Editor window, select the Permissions menu option under the Security menu;



Figure 1

7. You will be presented with a Securities dialogue (See Figure 2);



Figure 2

8. You can allow and deny any users you wish to restrict or grant access (Please coordinate with your Security Administrator);
9. Make sure that the user that will need to access the database is allowed (e.g. The users that will need to access public database names are: Web Applications, Applications that run in Windows Scheduler, Interactive users, etc.);
10. Test your application in various scenarios to make sure that they can access the database;

TIP:

• Web Applications: You can view $$AVRERR.TXT for any error messages.   This will help you determine if your DB name is correct and can be opened.
• Windows Applications:  You should try logging in as various users on this machine where a public database name is configured, to make sure they can run interactively.  This will help you determine if your DB name is correct and can be opened.

Recommendations:

Note:  The items below are recommendations only.  These recommendations may not suite everyone's requirements. Testing is recommended to determine which type of database name is required for your specific need.

• Web Applications:

  We recommend Web applications to use Public database names because they are usually run out of process and under a different user than the one currently logged in.

   

• Windows Applications:

  We recommend Windows Applications to use Private database names; unless, deployment and / or maintenance requirements need to use Public database names.

Other ASNA KB Articles:

• INFO: Differences between Private and Public Database Names
• PROBLEM: Can't find Database Name when running within an ASP in a Web application
• PROBLEM: Receiving error "invalid user/password" while opening database
• Securing your Database

Other MS KB Articles:

• Enabling User Profiles in Windows 9x (look for the section called: "Enabling User Profiles")

Keywords: "database name types", deployment, maintenance, security, securing, permission