First, create a table for testing purposes in your existing database:

CREATE TABLE [dbo].[CreditCards] (CardId INT PRIMARY KEY , CardNumber varbinary(256) )
GO

This creates a simple table with two columns.

Now, you will create a Symmetric Key that uses a password for authentication. Another option is to use a certificate, but that won’t be covered here.

CREATE SYMMETRIC KEY [PasswordProtectedKey] 
WITH ALGORITHM = TRIPLE_DES 
ENCRYPTION BY PASSWORD = ‘12345′
GO

You can now enter some test data into the CreditCard table. Note that you must first open the key.

OPEN SYMMETRIC KEY [PasswordProtectedKey] DECRYPTION BY PASSWORD = ‘12345′

GO

– Insert some data into your test table
DECLARE @KeyGuid AS UNIQUEIDENTIFIER
SET @KeyGuid = key_guid(‘PasswordProtectedKey’)

INSERT INTO [CreditCards] VALUES ( 1, encryptbykey( @KeyGuid, N‘1111-0000-0000-0000′))
INSERT INTO [CreditCards] VALUES ( 1, encryptbykey( @KeyGuid, N’2222-0000-0000-0000′))
CLOSE SYMMETRIC KEY [PasswordProtectedKey]
GO

Now you can try retrieving data from your table. First, try running an ordinary SELECT statement and note that the returned data is encrypted and unuseable. In order to return unencrypted data, you must use the key:

OPEN SYMMETRIC KEY [PasswordProtectedKey] DECRYPTION BY PASSWORD = ‘12345′
GO

SELECT CardId, convert( NVARCHAR(100), decryptbykey( CardNumber )) AS ‘Card Number’
FROM [dbo].[CreditCards]
GO

And what if you want to find a specific credit card number?

OPEN SYMMETRIC KEY [PasswordProtectedKey] DECRYPTION BY PASSWORD = ‘12345′
GO

SELECT CardId, convert( NVARCHAR(100), decryptbykey( CardNumber )) AS ‘Card Number’
FROM [dbo].[CreditCards]
WHERE convert( NVARCHAR(100), decryptbykey( CardNumber )) = ‘2222-0000-0000-0000′

GO

If you need to change the password:

OPEN SYMMETRIC KEY [PasswordProtectedKey] DECRYPTION BY PASSWORD = ‘12345′

GO

ALTER SYMMETRIC KEY PasswordProtectedKey
ADD ENCRYPTION BY PASSWORD = ‘67890′
GO

ALTER SYMMETRIC KEY PasswordProtectedKey
DROP ENCRYPTION BY PASSWORD =‘12345′
GO

And to remove your key entirely:

CLOSE SYMMETRIC KEY PasswordProtectedKey
DROP SYMMETRIC KEY PasswordProtectedKey

SET IDENTITY_INSERT YourTable ON

Example:

VALUES

Note that you MUST turn off the IDENTITY_INSERT property at the end of your stored procedure. Only one table in a session can have the IDENTITY_INSERT property set to ON. If a table already has this property set to ON, and you issue a  SET IDENTITY_INSERT ON statement for another table, you’ll get an error message.

When using this statement in a stored procedure, make sure you place it after the AS, like this:

Other things to note:

• If the value inserted is larger than the current identity value for the table, SQL Server automatically uses the new inserted value as the current identity value.
• User must own the object, or be a member of the sysadmin fixed server role, or the db_owner and db_ddladmin fixed database roles.

Let’s say you have an Employee table and want to find out if it contains any duplicate SSNs. This simple SQL statement will identify any records that share an SSN:

SELECT SSN FROM Employee

GROUP BY SSN

HAVING count(SSN) > 1

“The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2869″ 

If your installer contains a custom action, it could be causing the error message. Starting with Windows Vista, it is necessary to set the NoImpersonate flag for custom actions that modify the system. This can be done with a simple script.

Create a script named NoImpersonate.js:

// This script performs a post-build fixup of an msi to change all deferred custom actions to NoImpersonate

// Constant values from Windows Installer

var msiOpenDatabaseModeTransact = 1;

var msiViewModifyInsert = 1

var msiViewModifyUpdate = 2

var msiViewModifyAssign = 3

var msiViewModifyReplace = 4

var msiViewModifyDelete = 6

var msidbCustomActionTypeInScript = 0×00000400;

var msidbCustomActionTypeNoImpersonate = 0×00000800

if (WScript.Arguments.Length != 1)

{

WScript.StdErr.WriteLine(WScript.ScriptName + ” file”);

WScript.Quit(1);

}

var filespec = WScript.Arguments(0);

var installer = WScript.CreateObject(“WindowsInstaller.Installer”);

var database = installer.OpenDatabase(filespec, msiOpenDatabaseModeTransact);

var sql

var view

var record

try

{

sql = “SELECT `Action`, `Type`, `Source`, `Target` FROM `CustomAction`”;

view = database.OpenView(sql);

view.Execute();

record = view.Fetch();

while (record)

{

if (record.IntegerData(2) & msidbCustomActionTypeInScript)

{

record.IntegerData(2) = record.IntegerData(2) | msidbCustomActionTypeNoImpersonate;

view.Modify(msiViewModifyReplace, record);

}

record = view.Fetch();

}

view.Close();

database.Commit();

}

catch(e)

{

WScript.StdErr.WriteLine(e);

WScript.Quit(1);

}

Save the script in the same directory as your Setup project. Next, enter the following in your Setup project’s Post Build event:

cscript.exe “$(ProjectDir)CustomAction_NoImpersonate.js” “$(BuiltOuputPath)”

Build the project and try running it again.

You can read more about this issue and also download a sample script at Aaron Stebner’s Weblog. 

For even more detail, look at Microsoft’s topic Custom Action In-Script Execution Options.