Get backup from a remote SQL Server

StackOverflow https://stackoverflow.com/questions/17091849

Question

I'm writing a program to create a backup of a database and I need to be able to access the backup file in my program afterwards. The user should only provide connection information to the database. The server and the client are on the same network but not necessarily in the same domain. The program runs as admin.

My original plan was to create a share on the client using WMI and then execute the backup with that share as target. But I'm having authentication problems. I think I need a way to create a share everyone can connect to without being prompted for a login.

This has to work for Windows XP and 7.

Is this possible? Is there another solution?

Was it helpful?

Solution 5

With Windows 7 client not in a domain it is possible to connect without authentication by turning off Password Protected Sharing under Advanced Sharing Settings.

With Windows 7 client in a domain this setting doesn't exist. It should be possible by setting the security policy 'Network access: Restrict anonymous access to Named Pipes and Shares' to disabled. But that didn't work for me. Specifying the share in 'Network Access: Shares that can be accessed anonymously' gave me read access but no write. Note that you have to give the local 'ANONYMOUS LOGON' user share and NTFS permissions (still write wouldn't work here). Also note that I have no clue about domains or AD so I don't know whether this can be blocked by domain policies or whatever.

I found another solution which will have to do though I'm not happy with it. The big disadvantage is that you need to be sysadmin on the SQL Server.

  • Create a local temporary user on the the client computer. Max. user name length is 20, you can use a GUID as the password, this should satisfy the various password policies.
  • Create a share and give the temporary user read and write access to the share and the shared directory itself.
  • Enable xp_cmdshell.
  • Use xp_cmdshell and 'net use' to create a deviceless share using the temporary user account. E.g.: xp_cmdshell 'net use \\hostname\tmp /user:hostname\TmpUser E2C3E1B0-AFE6-49D6-96BD-DA5957EB319B'
  • Backup to the share like you would normally.
  • Use xp_cmdshell and 'net use' again to delete the share. E.g.: xp_cmdshell 'net use \\hostname\tmp /delete /yes'
  • If needed disable xp_cmdshell again.
  • Delete share, remove directory permissions and delete temporary user account.

You need sysadmin on SQL Server because Microsoft says the following about xp_cmdshell:

When it is called by a user that is not a member of the sysadmin fixed server role, xp_cmdshell connects to Windows by using the account name and password stored in the credential named ##xp_cmdshell_proxy_account##. If this proxy credential does not exist, xp_cmdshell will fail.

OTHER TIPS

I'm not quite sure what you mean by:

I'm writing a program to create a backup of a database and I need to be able to access the backup file in my program afterwards.

If you mean the Client will need to Restore the Backup you can actually do that pragmatically.

Backup Example:

using (SqlConnection defaultSqlConnection = new SqlConnection("Insert Connection String Here"))
{
        string backupDb = "BACKUP DATABASE [DatabaseName] TO DISK = 'C:\\Users\\Account\\Desktop\\Database Name.bak'";

     using (SqlCommand backupCommand = new SqlCommand(backupDb, defaultSqlConnection))
     {
          defaultSqlConnection.Open();
          backupCommand.ExecuteNonQuery();
     }
}

As you can see our application is simple using SQL to create a backup. The Restore Process is a bit more complex due to variation in methodologies to Restore. You can find the Syntax here. If you couple my original example, just with Restore syntax it should work without a problem.

Obviously you may encounter such issues:

  • Multiple Users Using Database
  • Permissions to Read / Write to Network Share.

You'll also want to ensure you have good Exception Handling and Test against several aspects to ensure the task is done correctly.

Hopefully that points you in the right direction, I believe CodePlex had a utility to accomplish a lot of MSSQL functions such as: Verify, Restore, Backup, and Create.

There's a thread on connect which goes into some detail on the subject of creating a share with WMI that Everyone can access, but it only targets Windows 7 and so might not work on XP.

It could be a good starting point though.

In order to get this to work you’ll need to take care of these first.

  • Make sure backup is stored on some shared folder accessible through the network
  • Make sure that the user running the application has at least read access to that shared

You can create shared folder using WMI on the client machine but note that you’ll need to have admin access on client machine in order to be able to do that. Not sure many users would be happy to give you admin access on their servers.

It might be a good option to ask users to provide both connection and already created shared folder where backups can be stored.

At some point in the past I tried running database restores from shared folders, and I found out that SQL Server was really strict about where such backup files had to be. In short, they have to be 'on your machine', not even a shared folder on the same network. You also can't restore off of a flash drive. Whether those rules have changed I don't know, but this was true for SQL Server 2008. You will have to copy the remote backup to a local folder first.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top