I am trying to deploy a Database Project with Visual Studio 2005 and SQL Server 2005 Standard.
I import “System.IO” and have therefore set the permission levels to EXTERNAL_ACCESS.
I am receiving the same error message that many folks have received.
CREATE ASSEMBLY for assembly 'Images' failed because assembly 'Images' is not authorized for PERMISSION_SET = EXTERNAL_ACCESS.
The assembly is authorized when either of the following is true: the database owner (DBO) has EXTERNAL ACCESS ASSEMBLY permission and the database has the TRUSTWORTHY database property on; or the assembly is signed with a certificate or an asymmetric key that has a corresponding login with EXTERNAL ACCESS ASSEMBLY permission. If you have restored or attached this database, make sure the database owner is mapped to the correct login on this server. If not, use sp_changedbowner to fix the problem. Images.
My CLR access is “on”
I have tried
1) From master run: GRANT EXTERNAL ACCESS ASSEMBLY to [Builtin\Administrators].
2) From master run: GRANT EXTERNAL ACCESS ASSEMBLY to “My Windows Authentication ID”.
3) Run ALTER DATABASE MYDATABASE SET TRUSTWORTHY ON
4) In Visual Studio .NET 2005 Set the permission levels to ‘external’
5) Tried Builtin\Administrators and my SQL Server Windows Authenticated Login ID for the ASSEMBLY OWNER.
I can compile BUT NOT DEPLOY
Any help would be greatly appreciated.
Regards Steve
Who is the owner of the database ?Jens K. Suessmeyer.
http://www.sqlserver2005.de
|||
Hi Thanks for the reply.
I am running with Windows Authentication at the present moment , under the ID Administrator1 (running under windows Vista.(still would like to get reporting services to run 
) . I did read the article on "Opening up the Administrator ID in Vista and installing SQL Server 2005 under that ID."
Re my current problem....
I managed to get it to deploy. I assigned Administrator1 as an "owner" of the database and gave the ID security administrator rights. I did the same with Builtin/Administrator.
I found something very interesting. I am able to deploy CLR stored precedures from the Visual Studio environment but not CLR functions. (EXTERNAL ACCESS) In order to deply functions I must compile the Dll and create SQL to CREATE the ASSEMBLYfrom within the SQL Server Environment. Any ideas why.?
Once again thanks for the help? Very much appreciated.
Steve
|||OK Folks this took me about 3 hours to do BUT I have resolved the problem and it WORKS!!!
BTW I am using SQL Server 2005 Standard and Visual Studio.NET Enterprise
First create a Strong key as described in“The secret of strong naming”
DO NOT DODELAY SIGNING !!!!!!
http://www.ondotnet.com/pub/a/dotnet/2003/04/28/strongnaming.html
Sn – k MyKeyFile.snk
FIND OUT WHERE THE SNK FILE WAS COMPILED.
Go into VS2005 .NET and under project / properties in the signing page click the Sign the Assembly check box and browse to find MyKeyFile.snk
The database page
Mark the assembly for external access and leave the owner blank
Now we must go to the article
http://sqljunkies.com/WebLog/ktegels/archive/2006/08/14/safetydancelite.aspx
The text below comes from this article....
A kinder, lighter Safety Dance for the SQLCLR
A few months ago, I published a step-by-step procedure for using certificate to sign an assembly so an external access or unsafe assembly could be run without having to set the hosting database to trustworthy. The major problem with that process was its weight: a lot of steps and some still requirements in terms of certificate management. Turns out that yes, there is an easier way to make it work.
Part one -- preparing the master database
1. As needed, start a series of queries against the MASTER database.
2. Create the target database (meaning execute a CREATE DATABASE query).
3. Code and compile the assembly you want to deploy. Make sure you sign the assembly with a strong name key file. This can be done with a PFX file generated by Visual Studio.
4. Create an asymmetric key from from the compiled assembly using a statement like this: create asymmetric key <key_name> from executable file = '<path_to_dll_file>'
USE Master
GO
create asymmetric key imageskeyFile from executable file = 'C:\YEAR 2007\Images\Images\bin\Debug\Images.dll'
5. Create a login based on that asymmetric key using a statement like this: create login <login_name> from asymmetric key <key_name>
Use Master
Go
create login ImageMaker from asymmetric key imageskeyFile
6. Grant that login the right to create either or both an unsafe or external access assembly (as needed) using: grant unsafe assembly to <login_name>
Use Master
Go
grant EXTERNAL ACCESS assembly to ImageMaker
Part two -- preparing the hosting database
1. As needed, start a series of queries against the desired user database.
2. Create a user in that database mapped to the login created in part, step 5. (e.g. create user <db_user> from login <login_name>)
3. Give that user the right to catalog an assembly, e.g.: grant create assembly to <db_user>
4. Catalog the desired assembly using the now trusted asymmetric key with a statement like: create assembly <assembly_name> authorization <db_user> from '<path_to_dll_file>' with permission_set = unsafe or external access as shown below
SET QUOTED_IDENTIFIER OFF
USE YEAR2007
GO
CREATE ASSEMBLY Images
AUTHORIZATION ImageMaker
FROM "C:\YEAR 2007\Images\Images\bin\Debug\Images.dll"
WITH PERMISSION_SET = EXTERNAL_ACCESS
GO
No comments:
Post a Comment