Exceptions

Exceptions are useful if you want to exclude a particular object from access restriction. Any object that is excluded from encryption will remain accessible to users. You can define exceptions right before you encrypt the database. To add an exception dynamically to an encrypted database, use function dbd_add_ex.

The primary way to specify exceptions is in the command line database encryption tool, dbencrypt.exe. The tool accepts the command line with the list of exception names listed without quotes (i.e. NO [ or ]). Here is an example of the command:

dbencrypt.exe -s MSSQLSERVER -d db1 -p 123ABC -e exceptions.lst

exceptions.lst may contain tables, stored procedures, views, UDF and other types of SQL data related objects.

Specifying MyTable or *.MyTable in the exceptions command above means that access to the database object MyTable will be allowed in all schemes.

schema1.* will allow access to all objects in the schema schema1.

You must specify object names in unquoted form. Each object name must start from a new line.