Hello A5 veterans and gurus,
I have an idea and would like thoughts/suggestions before I invest too much time testing/implementing.
Brief overview of our setup: Running A5 over network share (\\DedicatedSvr\LiveA5NetSharedDB\) from a dedicated server. DB encrypted using A5 encryption. Using A5 security for individual user logins.
I would like to run some maintenance scripts / reports after hours using script_play / script_schedule(). It is my understanding an A5 user account needs to be logged in to the DB to unlock the encryption so tasks such as script_play() or script_schedule() function/execute. So what I need is an A5 account that is always logged in and preferably one that can automatically log in.
So here is my idea:
Copy the workspace on the dedicated a5 server from C:\LiveA5NetSharedDB\ to C:\MaintDB\
Drop all the tables from the MaintDB
Add all tables from the Live DB (C:\LiveA5NetSharedDB\) as "foreign folder" tables to the MaintDB
In the A5 security frame work of the maintDB enable "use Windows Logon"
make a matching Windows and A5 user account (AlphaMaintUser) so the A5 "use windows logon" feature automatically logs in the user
add the MaintDB workspace to the Windows User account "startup" folder
All I would need to do is make sure the AlphaMaintUser Windows user account is logged into after sever reboots (I am thinking I'll use PRTG to monitor the server to ensue the user is logged in and a5 is running under that account).
From there it would be a matter of adapting the batch schedule_scripts() solution from the A5 documentation to run on the MaintDB after hours.
Caveats/Roadblocks I am anticipating:
What do you guys think? Is there a simpler way? Are there security risks that raise red flags for you? Security is a concern for us since we have HIPPA/Hitech Act concerns with our data.
Thanks!
- Marco
I have an idea and would like thoughts/suggestions before I invest too much time testing/implementing.
Brief overview of our setup: Running A5 over network share (\\DedicatedSvr\LiveA5NetSharedDB\) from a dedicated server. DB encrypted using A5 encryption. Using A5 security for individual user logins.
I would like to run some maintenance scripts / reports after hours using script_play / script_schedule(). It is my understanding an A5 user account needs to be logged in to the DB to unlock the encryption so tasks such as script_play() or script_schedule() function/execute. So what I need is an A5 account that is always logged in and preferably one that can automatically log in.
So here is my idea:
Copy the workspace on the dedicated a5 server from C:\LiveA5NetSharedDB\ to C:\MaintDB\
Drop all the tables from the MaintDB
Add all tables from the Live DB (C:\LiveA5NetSharedDB\) as "foreign folder" tables to the MaintDB
In the A5 security frame work of the maintDB enable "use Windows Logon"
make a matching Windows and A5 user account (AlphaMaintUser) so the A5 "use windows logon" feature automatically logs in the user
add the MaintDB workspace to the Windows User account "startup" folder
All I would need to do is make sure the AlphaMaintUser Windows user account is logged into after sever reboots (I am thinking I'll use PRTG to monitor the server to ensue the user is logged in and a5 is running under that account).
From there it would be a matter of adapting the batch schedule_scripts() solution from the A5 documentation to run on the MaintDB after hours.
Caveats/Roadblocks I am anticipating:
I have read it is not recommended to run A5 runtime/full version on the server that is actively sharing the DB files but I assume this precaution only applies if other users are in DB at the same time. Is this correct?
I will have to keep a watchful eye on my code when I reference tables, I may need to use fully qualified names in the MaintDB code.
I will have to keep a watchful eye on my code when I reference tables, I may need to use fully qualified names in the MaintDB code.
What do you guys think? Is there a simpler way? Are there security risks that raise red flags for you? Security is a concern for us since we have HIPPA/Hitech Act concerns with our data.
Thanks!
- Marco
Comment