views:

48

answers:

4

Background:
I have a site built in ASP.NET with Sql Server 2005 as it's database. The site is the only site on a Windows Server 2003 box sitting in my clients server room. The client is a local school district, so for data security reasons there is no remote desktop access and no remote Sql Server connection, so if I have to service the database I have to be at the terminal. I do have FTP access to update ASP code.

Problem:
I was contacted yesterday about an issue with the system. When I looked in to it, it seems a bug that I had solved nearly a year ago had returned. I have a stored procedure that used to take an int as a parameter but a year ago we changed the structure of the system and updated the stored procedure to take an nvarchar(10). The stored procedure somehow changed back to taking an int instead of an nvarchar.

There is an external hard drive connected to the server that copies data periodically and has the ability to restore the server in case of failure. I would have assumed that somehow an older version of the database had been restored, but data that I know was inserted 7 days and 1 day before the bug occurred is still in the database.

Question:
Is there anyway that the structure of a Sql Server 2005 database can revert to a previous version or be restored to a previous version without touching the actual data? No one else should have access to the server so I'm going a little insane trying to figure out how this even happened.

Any ideas?

A: 

Through Data Transformation Services (DTS) ? or if the scripts that set up the database are available someplace..

Gaby
Gaby - I initially created the database directly on the server and have made all updates by hand. I have only used scripts to copy a backup every so often to bring back to my office to keep production environments updated.
Justin C
+2  A: 

Using SQL Server's built-in backup and restore mechanism, there is no means to pick only certain objects to restore. With transaction log backups, you can restore to a point in time which might be before a certain transaction or ALTER statement was made but that's the closest you get. There are tool's which will let you pick certain objects to restore however they work by either restoring the database to a copy and copying over the objects you want or reading the backup directly and copying out those objects. In other words, this is not something could have happened using the built-in tools accidentally. My guess is that someone accidentally ran an old script of the stored proc(s) that reverted it.

Thomas
"...someone accidentally ran an old script..." would be my guess too. But it *sounds* like there's strong security on that system...?
Philip Kelley
@Philip Kelley - It had to be run by some account that had permissions even if it was a restore. Which means something or someone had to have access. If there are a limited number of accounts with ALTER permissions, then it should make it easy to narrow down the source of the change.
Thomas
The account that ASP connects with is very limited. The only account with any kind of alter privileges on things like stored procedures is the local administrator account.
Justin C
Ergo, find out who knows about/has access to the local admin account, and bring your thumbscrews on your next visit...
Philip Kelley
+2  A: 

It would be trivial to change a stored procedure without touching any data, or any other stored procedure. How who why when, that's the problem.

One suggestion, run

select * from sys.procedures

and check the create_date and modify_date columns, for both your problem procedure and all other procedures in the database.

Philip Kelley
@Philip - Thanks for the idea. That is a command I will only be able to run from the terminal so it will have to wait until the next time I can get out of my office and over to theirs.
Justin C
+1  A: 

I've witnessed similar things happening with an app I have installed at one client location. Every so often the s'procs revert to an older version.

It's just one client, the app is installed at several others which have never had this issue, and they happen to be a school district as well. It happens about once every 3 months or so, and no one should be touching that machine. I'm not even sure they have anyone in house that would know how to open enterprise manager.

Out of curiousity, what backup software is your client using? and, after checking the creation / modify dates on the procedures, did a server reboot occur around that time?

The reason I ask is that my client has backup software that does some really weird things on that server. For example, on reboot it has to "play back" changes, including file operations, since the last successful backup. Also, is it installed in a VM?

Chris Lively
@Chris - Thanks for the ideas, always helps to hear from people with similar issues! I would agree that very few people at the clients office would even know what Sql Server is, let alone how to log in. I do not know what backup software is used but I will try to find out. There should not have been a reboot but I was messing with the system clock, not sure if that would effect the backup software but its possible.
Justin C
Incidentally, I gave up trying to figure this out and instead just keep a script of what the current s'procs are that I can reapply whenever it happens. But I am still curious as to what backup solution they have in place. Since you brought this up it has my mind turning.
Chris Lively