Showing posts with label articles. Show all posts
Showing posts with label articles. Show all posts

Wednesday, March 21, 2012

Moving symmetric keys between servers


I'm having some issues restoring a backup of database that uses native encryption onto another server. I know there are a couple of articles on this but I seem to be missing something. Any help would be greatly appreciated.

Current Server Windows 2000
Destination Server Windows 2003


The original key setup for the current server was achieved by something like this:

CREATE SYMMETRIC KEY HR01 WITH algorithm=DES encryption BY password = 'HRpassword'


Running the command select * from sys.symmetric_keys on the current server I get the following:


name principal_id symmetric_key_id key_length key_algorithm algorithm_desc create_date modify_date key_guid HR01 1 256 56 D DES 2006-11-22 16:36:01.883 2006-11-22 16:36:01.883 BBD80500-338F-47D7-B336-85D46E00F2F0


So I restored the database onto the new server and ran this script:

OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;
GO

I don't have a master key... so I go back to the original server and ran this script and did another backup:

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Password'
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;

Running select * from sys.symmetric_keys on the current server now looks like this:

name principal_id symmetric_key_id key_length key_algorithm algorithm_desc create_date modify_date key_guid ##MS_DatabaseMasterKey## 1 101 128 D3 TRIPLE_DES 2007-04-23 16:03:09.183 2007-04-23 17:02:46.630 1CB0D800-0173-4A1E-B841-362B454E60AC HR01 1 256 56 D DES 2006-11-22 16:36:01.883 2006-11-22 16:36:01.883 BBD80500-338F-47D7-B336-85D46E00F2F0

I then restored the new backup onto the 2003 server and ran this script:

OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;
GO

The alter script now runs fine but I get the error message: The decryption key is incorrect when trying to open the HR01 key


We have seen other cases of problems using DES on Windows 2000 (http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1122121&SiteID=1). Unfortunately the DES (DES only, not TRIPLE_DES) implementation on Win2k is not as robust as on later versions of the OS. We typically recommend against using DES, and we strongly recommend against using DES on Windows 2000 platforms (use TRIPLE_DES instead).

My personal recommendation on this case would be to try to restore the DB temporarily on a Windows 2000 machine, recover the data and re-encrypt it using TRIPLE_DES algorithm.

By the way, because you are using protection by password instead of by a certificate, the DB master key steps should not be needed in your case.

I hope this information helps. Please, let us know if there is anything else we can do to help.

-Raul Garcia

SDE/T

SQL Server Engine

Posted by prehistoricqwes at 12:01 PM 0 comments
Labels: , , , , , , , , , , , , , , ,

Monday, March 12, 2012

Moving SQL 7.0 to New Hardware

Hi,
I've read some articles on the web but none seem to fit my
situation.
We have an application upgrade and at the same time need
to move our SQL 7.0 to new hardware.
The new server will have Windows 2000 and SQL 7.0
installed and then we will upgrade to SQL 2000 at some
point during our application upgrade.
What is the best method of moving our SQL 7.0 databases to
our new hardware?
Thanks in advance.You can either use BACKUP and RESTORE, or sp_detach_db and sp_attach_db.
Make sure you sync users after transferring databases.
Carlos E. Rojas
SQL Server MVP
Co-Author SQL Server 2000 programming by Example
"Larry" <sloberman@.email.chop.edu> wrote in message
news:582901c40081$dd8e7ae0$a301280a@.phx.gbl...
> Hi,
> I've read some articles on the web but none seem to fit my
> situation.
> We have an application upgrade and at the same time need
> to move our SQL 7.0 to new hardware.
> The new server will have Windows 2000 and SQL 7.0
> installed and then we will upgrade to SQL 2000 at some
> point during our application upgrade.
> What is the best method of moving our SQL 7.0 databases to
> our new hardware?
> Thanks in advance.
Posted by prehistoricqwes at 5:50 AM 0 comments
Labels: , , , , , , , , , , , , , , ,

Moving SQL 7.0 to New Hardware

Hi,
I've read some articles on the web but none seem to fit my
situation.
We have an application upgrade and at the same time need
to move our SQL 7.0 to new hardware.
The new server will have Windows 2000 and SQL 7.0
installed and then we will upgrade to SQL 2000 at some
point during our application upgrade.
What is the best method of moving our SQL 7.0 databases to
our new hardware?
Thanks in advance.You can either use BACKUP and RESTORE, or sp_detach_db and sp_attach_db.
Make sure you sync users after transferring databases.
--
Carlos E. Rojas
SQL Server MVP
Co-Author SQL Server 2000 Programming by Example
"Larry" <sloberman@.email.chop.edu> wrote in message
news:582901c40081$dd8e7ae0$a301280a@.phx.gbl...
> Hi,
> I've read some articles on the web but none seem to fit my
> situation.
> We have an application upgrade and at the same time need
> to move our SQL 7.0 to new hardware.
> The new server will have Windows 2000 and SQL 7.0
> installed and then we will upgrade to SQL 2000 at some
> point during our application upgrade.
> What is the best method of moving our SQL 7.0 databases to
> our new hardware?
> Thanks in advance.
Posted by prehistoricqwes at 5:50 AM 0 comments
Labels: , , , , , , , , , , , , , ,

Saturday, February 25, 2012

Moving Master, Msdb and Model

I've seen the articles about restoring from backup for
the above. But how do you move these databases to a
different location/drive? Thanks.INF: Moving SQL Server Databases to a New Location with Detach/Attach
http://support.microsoft.com/defaul...b;EN-US;q224071
HTH
Jasper Smith (SQL Server MVP)
http://www.sqldbatips.com
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx
.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.|||This article should be helpful:
http://support.microsoft.com/defaul...kb;en-us;224071
Russell Fields
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx
.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.
Posted by prehistoricqwes at 1:00 AM 0 comments
Labels: , , , , , , , , , , , , , , , , ,

Moving Master, Msdb and Model

I've seen the articles about restoring from backup for
the above. But how do you move these databases to a
different location/drive? Thanks.
INF: Moving SQL Server Databases to a New Location with Detach/Attach
http://support.microsoft.com/default...;EN-US;q224071
HTH
Jasper Smith (SQL Server MVP)
http://www.sqldbatips.com
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.
|||This article should be helpful:
http://support.microsoft.com/default...b;en-us;224071
Russell Fields
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.
Posted by prehistoricqwes at 1:00 AM 0 comments
Labels: , , , , , , , , , , , , , , , , , ,

Moving Master, Msdb and Model

I've seen the articles about restoring from backup for
the above. But how do you move these databases to a
different location/drive? Thanks.INF: Moving SQL Server Databases to a New Location with Detach/Attach
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q224071
--
HTH
Jasper Smith (SQL Server MVP)
http://www.sqldbatips.com
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.|||This article should be helpful:
http://support.microsoft.com/default.aspx?scid=kb;en-us;224071
Russell Fields
"GoMan" <anonymous@.discussions.microsoft.com> wrote in message
news:1d94401c4548c$833ffd20$a601280a@.phx.gbl...
> I've seen the articles about restoring from backup for
> the above. But how do you move these databases to a
> different location/drive? Thanks.
Posted by prehistoricqwes at 12:59 AM 0 comments
Labels: , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)