Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeGetting StartedGetting StartedInstalling DNN ...Installing DNN ...dbo vs. non-dbo?dbo vs. non-dbo?
Previous
 
Next
New Post
4/16/2007 8:50 PM
 
John Henley

Joined: 2/3/2003
Posts: 10

I originally installed DNN w/ dbo as the owner and without an object qualifier.

Does anyone have any guidance, pros/cons, thoughts on whether I should go back and re-install (or how to convert) to using another account and/or adding an object qualifier?

Thanks, John
 
New Post
4/16/2007 9:52 PM
 
Michael Gerholdt


Joined: 6/17/2003
Posts: 763

Refer to Charles Nurse doc (part of DNN docs) about hardening DNN sites. It's not about functionality, but finesses on security.

I won't talk about pros and cons. As far as object qualifier, I don't think you can convert, as the object qualifier is prepended to the all the DNN objects (excluding asp membership stuff) when the database is created ... so it's not part of the path like the owner is. In other words, if you initially provided object qualifier of jhdan in your web config file, and installed that way, you wouldn't have a portals table in your database ... you'd have a table called jhdan_portals.

(Cool thing about that is you can use the same database for another DNN install with a different object qualifier lytics and then you'd have another table called lytics_portal and the two would happily coexist. Theoretically ... never tried it.)

As far as the user goes, there it _might_ be easier if you are considering a conversion. You'd need to 1) create a new database user and grant the dbo role to that user; 2) find every single object in the database owned by "dbo" and change ownership over to the new user (see Books on Line for MS SQL 2000 and the sp_changeobjectowner stored proc ... write a cursor, loop through each and every object owned by dbo and change it to the new owner) and 3) change the database user in your web.config.

That's in theory. In practice, I probably wouldn't try it except as curiosity on a throw-away site.

If you are really interested in this, and not overly commited to your current install, I'd start all over with a different database user and an object qualifier.

Is it worth it? Depends somewhat. I think it's certainly worth it to start out that way; it's not the beginning and end of security but a sensible piece of it. If you're site isn't way to far along, and you have a keen interest in as much security as possible ... well, your call.

pmgerholdt
 
New Post
4/16/2007 10:34 PM
 
Network Operations

WWW.SMARTSOURCE-IT.COM
Joined: 8/18/2005
Posts: 49

I've got a lot of experience running multiple hosts from one DB.  Last worked using rev 3.2x with mods to the sql scripts for events which ommited use of the object qualifier for constraints.  Membership model changed in the 3.3 revs.  

 

Changing the sprocs and db's to reflect object qualifier and user is possible.  Check the old asp.net forums for posts by yarko.  He posted some scripts that may help you.
 
 Page 1 of 1
Previous
 
Next
HomeHomeGetting StartedGetting StartedInstalling DNN ...Installing DNN ...dbo vs. non-dbo?dbo vs. non-dbo?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out