Microsoft Data Access Components

MDAC (Microsoft Data Access Components)

Microsoft Corporation's MDAC provides a uniform framework for accessing a variety of data sources on their Windows platform.
Developer(s) Microsoft
Stable release 2.8 SP1 (2.81.1117.6) / May 2005
Operating system Windows 98, Windows Me, Windows NT 4, Windows 2000, Windows XP, Windows Server 2003
Type Database
License Microsoft EULA
Website Microsoft MDAC Center

Microsoft Data Access Components (commonly abbreviated MDAC; also known as Windows DAC) is a framework of interrelated Microsoft technologies that allows programmers a uniform and comprehensive way of developing applications that can access almost any data store. Its components include: ActiveX Data Objects (ADO), OLE DB, and Open Database Connectivity (ODBC). There have been several deprecated components as well, such as the Microsoft Jet Database Engine, MSDASQL (the OLE DB provider for ODBC), and Remote Data Services (RDS). Some components have also become obsolete, such as the former Data Access Objects API and Remote Data Objects.

The first version of MDAC was released in August 1996. At that time Microsoft stated MDAC was more a concept than a stand-alone program and had no widespread distribution method. Later Microsoft released upgrades to MDAC as web-based redistributable packages. Eventually, later versions were integrated with Microsoft Windows and Internet Explorer, and in MDAC 2.8 SP1 they ceased offering MDAC as a redistributable package.

Throughout its history MDAC has been the subject of several security flaws, which led to attacks such as an escalated privileges attack, although the vulnerabilities were generally fixed in later versions and fairly promptly. The current version is 2.8 service pack 1, but the product has had many different versions and many of its components have been deprecated and replaced by newer Microsoft technologies. MDAC is now known as Windows DAC in Windows Vista.

Contents

Architecture

The latest version of MDAC (2.8) consists of several interacting components, all of which are Windows specific except for ODBC (which is available on several platforms). MDAC architecture may be viewed as three layers: a programming interface layer, consisting of ADO and ADO.NET, a database access layer developed by database vendors such as Oracle and Microsoft (OLE DB, .NET managed providers and ODBC drivers), and the database itself. These component layers are all made available to applications through the MDAC API. The Microsoft SQL Server Network Library, a proprietary access method specific to Microsoft SQL Server, is also included in the MDAC. Developers of Windows applications are encouraged to use ADO or ADO.NET for data access, the benefit being that users of the application program are not constrained in their choice of database architecture except that it should be supported by MDAC. Naturally, developers still have the choice of writing applications which directly access OLE DB and ODBC.

Microsoft SQL Server Network Library

The Microsoft SQL Server Network Library (also known as Net-Lib) is used by the Microsoft SQL Server to read and write data using many different network protocols. Though Net-Lib is specific to the SQL Server, Microsoft includes it with MDAC. The SQL Server uses the Open Data Services (ODS) library to communicate with Net-Lib, which interfaces directly with the Windows NT operating system line's Win32 subsystem. The SQL Server Network Library is controlled through the use of a Client Network Utility, which is bundled with the SQL Server.

Each Net-Lib supported network protocol has a separate driver (not to be confused with a device driver), and has support for a session layer in its protocol stack. There are two general types of Net-Lib: the primary and the secondary. The primary Net-Lib consists of a Super Socket Net-Lib and the Shared Memory Net-Lib, while there are numerous secondary Net-Libs, including TCP/IP and named pipes network libraries (named pipes are a method of communicating with other processes via a system-persistent pipeline that is given an identity). The Microsoft OLE DB Provider for SQL Server (SQLOLEDB) communicates via primary Net-Libs.

The Super Socket Net-Lib deals with inter-computer communications and coordinates the secondary Net-Libs — though the TCP/IP secondary Net-Lib is an exception in that it calls on the Windows Socket 2 API directly. The Banyan VINES, AppleTalk, ServerNet, IPX/SPX, Giganet, and RPC Net-Libs were dropped from MDAC 2.5 onwards. The Network Library router had the job of managing all these protocols, however now only the named pipes secondary Net-Lib is managed by the router. The Super Socket Net-Lib also handles data encryption via the use of the Windows SSL API.

The Shared Memory Net-Lib, on the other hand, manages connections between multiple instances of SQL Server that exist on one computer. It uses a shared memory area to communicate between the processes. This is inherently secure; there is no need for data encryption between instances of SQL Server that exist on one computer as the operating system does not allow any other process access to the instances' area of shared memory.

Net-Lib is also able to support the impersonation of a logged in user's security context for protocols that support authenticated connections (called trusted connections). This allows Net-Lib to provide an integrated logon authentication mechanism via the use of Windows Authentication. Windows Authentication is not supported on Windows 98 or Windows Me.[1]

OLE DB

OLE DB (also called OLEDB or OLE-DB) allows MDAC applications access to different types of ([data]) stores in a uniform manner. Microsoft has used this technology to separate the application from the data store that it needs to access. This was done because different applications need access to different types and sources of data, and do not necessarily need to know how to access technology-specific functionality. The technology is conceptually divided into consumers and providers. The consumers are the applications that need access to the data, and the provider is the software component that exposes an OLE DB interface through the use of the Component Object Model (or COM).

OLE DB is the database access interface technology used by MDAC. OLE DB providers can be created to access such simple data stores as a text file or spreadsheet, through to such complex databases as Oracle and SQL Server. However, because different data store technology can have different capabilities, OLE DB providers may not implement every possible interface available. The capabilities that are available are implemented through the use of COM objects—an OLE DB provider will map the data store technology's functionality to a particular COM interface. Microsoft calls the availability of an interface to be "provider-specific" as it may not be applicable depending on the database technology involved. Additionally, however, providers may also augment the capabilities of a data store; these capabilities are known as services in Microsoft parlance.

The Microsoft OLE DB Provider for SQL Server (SQLOLEDB) is the OLE DB provider that Microsoft provides for the Microsoft SQL Server from version 6.5 upwards. According to Microsoft, SQLOLEDB will be "the primary focus of future MDAC feature enhancements [and] will be available on the 64-bit Windows operating system."[2]

Universal data link

Universal data link files (or '.udl files') provide a common user interface for specifying connection attributes. A user can use a Data Link Properties dialog box to save connection information in a .udl file as an alternative to directly specifying them by hand in a connection string. Consequently, these files provide a convenient level of indirection. Additionally, the dialog box specifies a number of alternate OLE DB data providers for a variety of target applications.[3]

ODBC

Open Database Connectivity (ODBC) is a native interface that is accessed through a programming language (usually C) that can make calls into a native library. In MDAC this interface is defined as a DLL. A separate module or driver is needed for each database that must be accessed. The functions in the ODBC API are implemented by these DBMS-specific drivers. The driver that Microsoft provides in MDAC is called the SQL Server ODBC Driver (SQLODBC), and (as the name implies) is designed for Microsoft's SQL Server. It supports SQL Server v6.5 and upwards.[4] ODBC allows programs to use SQL requests that will access databases without having to know the proprietary interfaces to the databases. It handles the SQL request and converts it into a request that the individual database system understands.

ADO

ActiveX Data Objects (ADO) is a high level programming interface to OLE DB. It uses a hierarchical object model to allow applications to programmatically create, retrieve, update and delete data from sources supported by OLE DB. ADO consists of a series of hierarchical COM-based objects and collections, an object that acts as a container of many other objects. A programmer can directly access ADO objects to manipulate data, or can send an SQL query to the database via several ADO mechanisms. ADO is made up of nine objects and four collections.

The collections are:

  1. Fields: This collection contains a set of Field objects. The Collection can be used in either a Recordset object or in a Record object. In a Recordset object, each of the Field objects that make up the Fields collection corresponds to a column in that Recordset object. In a Record object, a Field can be an absolute or relative URL that points into a tree-structured namespace (used for semi-structured data providers like the Microsoft OLE DB Provider for Internet Publishing) or as a reference to the default Stream object associated with that Record object.[5]
  2. Properties: An object can have more than one Property object, which are contained in the object's Properties collection.[6]
  3. Parameters: A Command object can have several Parameter commands to change its predefined behaviour, and each of the Parameter objects are contained in the Command object's Parameters collection[7]
  4. Errors: All provider created errors are passed to a collection of Error objects, while the Errors collection itself is contained in a Connection object. When an ADO operation creates an error, the collection is cleared and a new group of Error objects are created in the collection.[8]

The objects are:

  1. Connection: The connection object is ADO's connection to a data store via OLE DB. The connection object stores information about the session and provides methods of connecting to the data store. As some data stores have different methods of establishing a connection, some methods may not be supported in the connection object for particular OLE DB providers. A connection object connects to the data store using its 'Open' method with a connection string which specifies the connection as a list of key value pairs (for example: "Provider='SQLOLEDB';Data Source='TheSqlServer'; Initial Catalog='Northwind';Integrated Security='SSPI';").[9] The start of which must identify the type of data store connection that the connection object requires. This must be either:
    • an OLE DB provider (for example SQLOLEDB), using the syntax "provider="
    • a file name, using the syntax "file name="
    • a remote provider and server (see RDS), using the syntax "Remote provider=" and "Remote server="
    • an absolute URL, using the syntax "URL="[10]
  2. Command: After the connection object establishes a session to the data source, instructions are sent to the data provider via the command object. The command object can send SQL queries directly to the provider through the use of the CommandText property, send a parameterised query or stored procedure through the use of a Parameter object or Parameters collection or run a query and return the results to a dataset object via the Execute method. There are several other methods that can be used in the Command object relating to other objects, such as the Stream, RecordSet or Connection objects.[11]
  3. Recordset: A recordset is a group of records, and can either come from a base table or as the result of a query to the table. The RecordSet object contains a Fields collection and a Properties collection.[12] The Fields collection is a set of Field objects, which are the corresponding columns in the table. The Properties collection is a set of Property objects, which defines a particular functionality of an OLE DB provider. The RecordSet has numerous methods and properties for examining the data that exists within it.[13] Records can be updated in the recordset by changing the values in the record and then calling on the Update or UpdateBatch method. Adding new records is performed through the AddNew function and then by calling on the Update or UpdateBatch method.[14] Records are also deleted in the recordset with the Delete method and then by calling on the Update method. However, if for some reason the deletion cannot occur, such as because of violations in referential integrity, then the recordset will remain in edit mode after the call to the Update method. The programmer must explicitly call on the CancelUpdate function to cancel the update. Additionally, ADO can rollback transactions (if this is supported) and cancel batch updates.[15] Recordsets can also be updated in one of three ways: via an immediate update, via a batch update,[16] or through the use of transactions:
    1. Immediate: The recordset is locked using the adLockOptimistic or adLockPessimistic lock. The data are updated at the data source after the record is changed and the Update method is called.
    2. Batch: The recordset is locked using adLockBatchOptimistic and each time Update is called the data are updated in a temporary buffer. Finally, when UpdateBatch is called the data are completely updated back at the data source. This has the advantage of it all being done in memory, and if a problem occurs then UpdateCancel is called and the updates are not sent to the data source
    3. Transaction: If the OLE DB provider allows it, transactions can be used. To start the transaction, the programmer invokes the BeginTrans method and does the required updates. When they are all done, the programmer invokes the CommitTrans method. RollbackTrans can be invoked to cancel any changes made inside the transaction and rollback the database to the state before the transaction began[17]
  4. Record: This object represents one record in the database, and contains a fields collection. A RecordSet consists of a collection of Record objects.[18]
  5. Stream: A stream, mainly used in a RecordSet object, is a means of reading and writing a stream of bytes.[19] It is mostly used to save a recordset in an XML format,[20] to send commands to an OLE DB provider as an alternative to the CommandText object and to contain the contents of a binary or text file.
  6. Parameter: A parameter is a means of altering the behaviour of a common piece of functionality, for instance a stored procedure might have different parameters passed to it depending on what needs to be done; these are called parameterised commands.[21]
  7. Field: Each Record object contains many fields, and a RecordSet object has a corresponding Field object also. The RecordSet object's Field object corresponds to a column in the database table that it references.[22]
  8. Property: This object is specific to the OLE DB provider and defines an ability that the provider has implemented. A property object can be either a built-in property — it is a well defined property implemented by ADO already and thus cannot be altered — or can be a dynamic property — defined by the underlying data provider and can be changed[23]
  9. Error: When an OLE DB provider error occurs during the use of ADO, an Error object will be created in the Errors collection.[24] Other errors do not go into an Error object, however. For instance, any errors that occur when manipulating data in a RecordSet or Field object are stored in a Status property.[25]

ADO.NET

ADO.NET is the latest version of ADO (after ADO 2.8, now often referred to as ADO Classic) and is part of the MDAC 2.8 stack alongside classic ADO. It is built around Microsoft .NET. Though sometimes seen as an evolutionary step up from ADO, some fundamental structural changes were made by Microsoft. ADO.NET runs through a .NET Managed Provider, a modified version of an OLE DB provider specifically designed for .NET. The object structure is no longer built around a Recordset object. Instead a Dataset object is used to contain data gathered from multiple sources. This is transparent to the programmer. Unlike the old ADO Recordset, the Dataset's design allows for disconnected data. Conceptually, a Dataset object can be seen as a small in-memory relational database in its own right that allows for manipulation of data in any direction (a Recordset was a forward-only reader). In order to propagate changes back into the database, a Dataadapter object is used that transfers data from between the data source and the DataSet object. Cursors were also deprecated in ADO.NET, being replaced with a Datareader object, which is used to efficiently process a large list of results one record at a time without storing them.[26]

Deprecated and obsolete components

MDAC is a continually evolving component framework. As such, there have been several components that were previously part of it but have since been deprecated or removed entirely from the framework.

Microsoft Jet Database Engine and JRO

Jet stands for Joint Engine Technology and was a database engine used for Microsoft Access, Microsoft Exchange Server and Visual Basic. Jet was part of a Relational Database Management System (RDBMS) and offered a single interface that other software could use to access Microsoft databases. Jet also provided support for security, referential integrity, transaction processing, indexing, record and page locking, and data replication. In later versions of Jet, the engine was extended to run SQL queries, store character data in Unicode format, create views, and allowed bi-directional replication with the Microsoft SQL Server. It has since been superseded by MSDE.

There were three modules to Jet. One was the Native Jet ISAM Driver, a Jet dynamic link library (DLL) that could directly manipulate Microsoft Access database files (MDB), which was a modified form of an Indexed Sequential Access Method (ISAM) database. Another one of the modules were the ISAM Drivers, DLLs that allowed access to ISAM databases, among them being Xbase, Paradox, Btrieve and FoxPro files. The final module was the Data Access Objects (DAO) DLL, DAO allowed programmers access to the Jet engine. It was basically an object-oriented data language used by Access Basic and Visual Basic application developers to access Jet.

Similarly, the Microsoft Jet OLE DB Provider and Replication Objects (JRO) which allowed replication between Jet data sources was removed from MDAC 2.6[27]

MSDASQL and Oracle ODBC

The Microsoft OLE DB Provider for ODBC, or MSDASQL, was an OLE DB provider for allowing ActiveX Data Objects access to databases via any ODBC driver. There were several OLE-DB providers supplied by Microsoft (providers available were for the Indexing Service, Active Directory, Jet, SQL Server, Oracle and Internet Publishing), however unless specified, MSDASQL was the default provider used by ADO. After MDAC 2.5 both the Oracle ODBC driver and MSDASQL supported Oracle 7 and partially supported Oracle 8i. Features that were not supported were:

Microsoft initially deprecated the MSDASQL component for their 64-bit operating systems[28] and the Microsoft Oracle ODBC driver was later superseded by a .NET Managed Oracle Provider, which supported Oracle 9i.[29] However, Windows Server 2008 and Windows Vista SP1 ship with a 64-bit version of MSDASQL.

Remote Data Services (RDS)

Remote Data Services (RDS) allowed the retrieval of a set of data from the server, which the client then altered in some way and then sent back to the server for further processing.[30] With the popular adoption of Transact-SQL, which extends SQL with such programming constructs as loops and conditional statements, this became less necessary and it was eventually deprecated in MDAC 2.7. Microsoft produced SOAP Toolkit 2.0, which allows clients to do this via an open XML-based standard.[31]

SQLXML

SQLXML was designed for SQL Server 2000, but was deprecated with MDAC 2.6. It allowed Microsoft's relational database to be viewed by XPath and allowed data to viewable as an XML file. It has not actually been deprecated but has been removed from later versions of MDAC, though Microsoft does provide it as a downloadable component and will support it on their 64-bit operating systems.

Obsolete components

Several components have been completely removed from MDAC by Microsoft and are no longer supported. They are:

History

Microsoft has released several versions of MDAC over time. The distribution method has varied and the feature-set is different for each version.

MDAC 1.0

MDAC 1.0 was first released in August 1996.[34] According to Microsoft, "MDAC 1.0 existed more as concept than a coordinated, stand-alone setup program." The MDAC 1.0 stack consisted of ODBC 3.0, OLE DB 1.1, ADO 1.0, and the Advanced Data Connector (ADC) 1.0 — which according to Microsoft was the precursor to the Remote Data Service of MDAC 1.5. It also included ODBC drivers for Access/Jet, SQL Server and Oracle databases. MDAC 1.0 was released via several mechanisms: the Advanced Data Connector shipped with Internet Information Server (IIS) 3.0 and as a downloadable cab file; OLE DB 1.1 and ADO 1.0 shipped with the OLE DB 1.1 SDK, which came with Visual Studio 97 and was also downloadable.[35] MDAC 1.0 came with Active Server Pages, that itself came in IIS 3.0, and also came with Visual InterDev 1.0.[36]

MDAC 1.5

MDAC 1.5 was released between September 1997 and March 1998, and involved a more centralised distribution mechanism than MDAC 1.0. It was released with Microsoft Internet Explorer 4.0, the Internet Client SDK 4.0 and through a CD-ROM given out at the 1997 Professional Developers Conference (PDC). There were five versions of MDAC 1.5:

The different versions of MDAC 1.5 consisted of:

This version of MDAC had a security flaw that made it vulnerable to an escalated privileges attack. The vulnerability caused systems that had both IIS and MDAC installed to give an unauthorized web user the ability to execute shell commands on the IIS system as a privileged user. This allowed the attacker to use MDAC to tunnel SQL and other ODBC data requests through the public connection to a private back-end network when on a multi-homed Internet-connected IIS system. It also allowed the user to gain unauthorized access to secured, non-published files on the IIS system[37]

MDAC 1.5 was the last data access component release supported under Windows NT 3.51 SP5.

MDAC 2.0

MDAC 2.0 was distributed with the Data Access 2.0 SDK and included the contents of MDAC 1.5, the ODBC 3.5 SDK and the OLE DB 1.5 SDK, and the OLE DB for OLAP Specification. It also had included many updates to the core product,[35] including a security feature added to the RDS which prevented it from being used maliciously an IIS server.[38] This version came included in Windows NT 4.0 SP4,[39] and also with Visual Studio 6.0, which came with the full Data Access SDK.[35]

MDAC 2.1

MDAC 2.1 was distributed with SQL Server 7.0 and SQL Server 6.5 SP5. MDAC 2.1 SP1 was distributed with Internet Explorer 5 and MDAC 2.1 SP1a (GA) was distributed with Microsoft Office 2000, BackOffice 4.5 and Visual Studio 98 SP3. However, none of these versions of MDAC were released to the general public via the world wide web. MDAC 2.1 SP2 was distributed from Microsoft's website. The components that were included with 2.1 were:

This version had security vulnerabilities whereby an unchecked buffer could allow an elevated privileges attack. This was found some time later and it affected MDAC 2.1, 2.5 and 2.6 and was addressed in a later patch[41]

MDAC 2.5

MDAC 2.5 was released on February 17, 2000 and distributed with Windows 2000, and the MDAC service packs were released in parallel with the Windows 2000 service packs. They were also distributed through Microsoft's website. Three service packs were released. The components included with 2.5 were:

Several issues were found in this version of MDAC. When using OLE DB Session Pooling, Microsoft COM+ would try to continuously load and unload OLE DB, and a conflict could arise that caused the OLE DB Session Pooling to run at 100% CPU usage. This was later fixed.[43] Microsoft published a full list of bugs fixed in MDAC 2.5 Service Pack 2 and MDAC 2.5 Service Pack 3. A security vulnerability also existed (later fixed) whereby an unchecked buffer in was found in the SQL Server Driver. This flaw was introduced in MDAC 2.5 SP2.

MDAC 2.6

MDAC 2.6 was released in September 2000 and was distributed through the web and with Microsoft SQL Server 2000[44] MDAC 2.6 RTM, SP1 (released June 20, 2001), and SP2 (released June 11, 2002) were distributed in parallel with the Microsoft SQL Server 2000 service packs, and could also be downloaded from the Microsoft website.

Beginning with this version of MDAC, Microsoft Jet, Microsoft Jet OLE DB Provider, and the ODBC Desktop Database Drivers were not included. Instead, these could be installed manually.[45] Microsoft also released an alert warning that MDAC 2.6 should not be installed on an SQL Server 7.0 Cluster, because "if you install MDAC 2.6 or later on any node in the cluster, directly or through the installation of another program, it may cause a catastrophic failure of the SQL Server Agent or other SQL Server services."[46] This issue affected Veritas Software's Backup Exec 9.0 for Windows Servers, because it installs Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) as its database. Revision 4367 installed MDAC version 2.6 SP2 while revision 4454 installed MDAC version 2.7 SP1, which did not have the problem[47]

MDAC 2.7

MDAC 2.7 was released in October 2001 through Microsoft's website. A refresh release was issued in April 2002 through the release of Windows XP and through Microsoft's website. Version 2.7 was available in U.S. English, Chinese (Traditional and Simplified), German, Japanese, Korean, Brazilian Portuguese, Czech, Danish, Greek, Slovak, Slovenian, Spanish, Finnish, French, Hungarian, Italian, Dutch, Norwegian, Polish, Portuguese, Russian, Swedish, and Turkish. Hebrew and Arabic were only available through Windows XP.

The main feature change was support for Microsoft's 64-bit operating system, however support for Banyan VINES was also dropped from this version of MDAC. There were several known issues:[48] MDAC 2.7 continued causing connectivity problems on clustered servers running Microsoft SQL Server 6.5 or SQL Server 7.0, with no workaround provided by Microsoft. When creating or configuring ODBC data source names (DSNs) using the Microsoft SQL Server ODBC driver the network library protocol might unexpectedly switch to TCP/IP, even if the DSN was configured to use named pipes.[49] This issue was found by InfoWorld reporter Randall C. Kennedy, who identified that the change was actually made in MDAC 2.6 but was never documented. It was discovered when testing client/server database workloads on a Windows XP computer; InfoWorld claims that although overall server CPU utilization rose by only 8 percent using TCP/IP, context switches per second dropped by more than 150 percent (which is of course impossible because you would then have a negative context switch rate - the drop is either 33% or 60% depending on which planet the author was on at the time of writing) for a 10-user workload. They were unimpressed that a fundamental functional change to the default behaviour of Net-Lib occurred without more than a passing mention in an unrelated document.[50] Windows XP users also sometimes experienced problems connecting to SQL Server because SQL Server attempts to use certificates it finds on the local computer, however if there is more than one certificate available it did not know which one to use.[51] When attempting to use Microsoft Analysis Services 2000 RTM, an error would sometimes appear when trying to browse cubes.[52] Microsoft also discovered a problem in Windows 95, Windows 98, and Windows Me's setup program which prevented the MDAC installation program from rolling back when it encountered an installation error.[53]

Several security issues were resolved by Microsoft for MDAC 2.7. David Litchfield of Next Generation Security Software Ltd reported a security vulnerability that results because one of the ODBC functions in MDAC that is used to connect to data sources contained an unchecked buffer.[54] Another vulnerability that was fixed was one whereby an attacker could respond to an SQL Server discovery message broadcast by clients with a specially crafted packet that could cause a buffer overflow.[55] Another flaw was found whereby code could be executed remotely when the attacker responded to the broadcast with another specially crafted packet.[56]

MDAC 2.8

MDAC 2.8 was released in August 2003 and distributed with Microsoft Windows Server 2003, as well as on Microsoft's Data Access Technologies website. It did not introduce any new features to the product but fixed a number of bugs and security issues — a reg file (automates changes to the registry) was removed that made the server run in an "unsafe" mode whereby the RDS could be exploited to gain unauthorized access to the system[57] and a new restriction was imposed on the length of the Shape query string.[58] There were also several ODBC Administrator changes.[59]

On May 23, 2005 Brad Rhodes (Lead Program Manager of Microsoft Data Access Technologies) announced that MDAC 2.8 SP1 was the last stand-alone redistributable of MDAC that Microsoft will ship. MDAC is now an official component of the Microsoft's operating system, though they will be providing ongoing bug and security fixes to previously released versions of the web-distributable version.[60] However, Microsoft have created a new component called the SQL Native Client (SQLNCLI), which is a stand alone data access API that has combined the OLE DB and ODBC libraries into one DLL. It was formed to be independent of MDAC, which is now reliant on the state the operating system is in — a developer now links to this library and avoids situations where an update of the operating system which updates MDAC breaks applications built to a different version of MDAC.[61]

Windows 7 SP1 has broken backwards compatibility of MDAC 2.8. Software compiled on Windows 7 SP1 that relies on MDAC ADO will not work on Windows versions prior to Windows 7 SP1 (including Windows 7 RTM, Vista, XP).[62] Microsoft has provided solutions to work around this issue for some applications but VBA applications remain affected.[63]

Windows DAC 6.0

Windows Vista will no longer use MDAC, but instead use Windows DAC, which consists of updated versions of ADO, OLE DB, and ODBC components. According to Microsoft, "Windows DAC includes some changes to work with Windows Vista, but is almost entirely functionally equivalent to MDAC 2.8."[64]

Version-checking

There are two ways of checking the version of MDAC that is installed on a computer. One way is via Microsoft's Component Checker program, which compares the value of each installed MDAC DLL to the MDAC file manifest. The second way is to check the key HKEY_LOCAL_MACHINE\Software\Microsoft\DataAccess\FullInstallVer in the Windows registry. Microsoft notes that this information may be incorrect for versions of MDAC prior to 2.1 when compared with the versions of the MDAC files installed to the system[65]

Version Release date Distribution mechanism Features Security issues
1.0 August 1996

No coordinated release:

  • ADC – IIS 3.0
  • OLE DB 1.1 SDK (OLE DB 1.1 and ADO 1.0)—Visual Studio
  • All components included in Visual Interdev 1.0 and with Active Server Pages (released in IIS 3.0)
  • ODBC 3.0
  • OLE DB 1.1
  • ADO 1.0
  • ADC 1.0
  • ODBC drivers for Access/Jet, SQL Server and Oracle databases

No bulletins released

1.5

September 1997 – March 1998
  • Microsoft Internet Explorer 4.0
  • Internet Client SDK 4.0 (from CD issued at Microsoft PDC)
  • ODBC 3.5
  • OLE DB 1.5
  • ADO 1.5
  • RDS 1.5 (superseded ADC 1.0)
1.5a September 1997–March 1998
  • Microsoft website

Service release

1.5b September 1997–March 1998

Service release

1.5c September 1997–March 1998
  • Microsoft website
  • Fixed issues with ADO threading and ODBC Connection Pooling
  • Only came with ADO/MDAC runtime components
2.0 July 1, 1998
  • Visual Studio 98
  • Data Access 2.0 SDK
  • ODBC 3.5 SDK
  • OLE DB 1.5 SDK
  • OLE DB for OLAP Specification
2.0SP1 July 1, 1998
  • Windows NT 4.0 SP4

Y2K remediation for Windows NT 4.0

2.0SP2 July 1, 1998
  • Microsoft website

Y2K remediation for all platforms

2.1 July 11, 1998
  • SQL Server 7.0
  • SQL Server 6.5 SP5
  • ADO 2.1
  • RDS 2.1
  • OLE DB 2.1
  • OLE DB Provider for ODBC, SQL Server and Oracle
  • JRO 2.1
  • ODBC driver
  • Jet driver
  • RDO
2.1 SP1 March 15, 1999
  • Internet Explorer 5.0
  • Windows 98 Second Edition
2.1 SP1a (GA) April 1, 1999
  • Office 2000
  • BackOffice 4.5
  • Visual Studio 98 SP3
  • Internet Explorer 5.0a (minimal install)
2.1 SP2 July 1999
  • Microsoft website
2.5 February 17, 2000
  • ADO 2.5
  • ADO MD 2.5
  • ADOX 2.5
  • RDS 2.5
  • OLE DB 2.5
  • OLE DB Provider for the ODBC driver for:
    • SQL
    • Server
    • Site Server Search
    • Internet Publishing
    • Jet 4.0 (Access 2000)
    • Oracle
    • Indexing Services (Index Server)
    • Microsoft Data Shaping Services
    • OLAP Services
    • DTS Packages
    • Microsoft Directory Services
    • Server DTS Flat File
    • OLE DB Simple Provider
  • JRO 2.5
  • ODBC 3.51
  • an ODBC driver for
    • Microsoft Access
    • SQL Server
    • Microsoft Excel
    • Text
    • Visual FoxPro
    • FoxPro VFP
    • dBase
    • dBase VFP
    • Paradox
    • Oracle
  • Jet drivers for:
    • Excel
    • Microsoft Exchange
    • Access
    • text files
    • Lotus 1-2-3
    • Paradox
    • xBase
2.5 SP1 July 31, 2000
2.5 SP2 April 2000
2.5 SPS3 December 2003

2.6

September 2000

Not included (manually installed):
  • Microsoft Jet
  • Microsoft Jet OLE DB Provider
  • ODBC Desktop Database Drivers
2.6 SP1 May 2001
2.6 SP2 May 2002
2.7 October 2001
  • Support for 64-bit operating systems
  • Banyan Vines support dropped
2.8 August 2003

Fixed bugs and security issues

2.8 SP1 May 2005
  • SQL Server 2000 SP4
  • Windows XP SP2
  • Microsoft website

Fixed bugs

2.8 SP2 March 2005
  • Windows Server 2003 SP1
9.0 Never released: Microsoft now includes MDAC with operating system updates.
  • Visual Studio 2005 Beta 1, but later removed.
  • Originally released with SQL Server 2005 Beta 1, but later removed.[66]
   
Windows DAC 6.0 (a variant of MDAC for use with Vista) November 2006
  • Windows Vista
  • Version number synchronized with Windows version, non-redistributable

No new features, for use with Windows Vista

References and notes

Notes
  1. ^ Kalen Delaney, "Inside Microsoft SQL Server 2000", Microsoft Press, pp. 70–74.
  2. ^ Prash Shirolkar (Author); Alyssa Henry (contributor); Stephen Pepitone (Contributor); Acey J. Bunch (contributor), "Data Access Technologies Road Map", Microsoft Corporation, accessed September 19, 2005.
  3. ^ MSDN, "Creating a udl file", "ADO 2.8 API Reference", accessed April 28, 2007.
  4. ^ ibid.
  5. ^ MSDN, "Fields Collection", "ADO 2.8 API Reference", accessed September 19, 2005.
  6. ^ MSDN, "Properties Collection", "ADO 2.8 API Reference", accessed September 19, 2005.
  7. ^ MSDN, "Parameters Collection", "ADO 2.8 API Reference", accessed September 19, 2005.
  8. ^ MSDN, "Errors Collection", "ADO 2.8 API Reference", accessed September 19, 2005.
  9. ^ MSDN, "Using a connection object", "ADO 2.8 Programmers Guide", accessed September 10, 2005.
  10. ^ MSDN, "ADO Connection String", "ADO 2.8 Programmers Guide", accessed September 10, 2005.
  11. ^ MSDN, "Command Object Overview", "ADO 2.8 Programmers Guide", accessed September 10, 2005
  12. ^ MSDN, "Examining Data", "ADO 2.8 Programmers Guide", accessed September 10, 2005.
  13. ^ A full list of ADO methods and properties that allow the examination of data in a recordset can be found in Microsoft's API documentation
  14. ^ MSDN, "Editing data", "ADO 2.8 Programmers Guide", accessed September 10, 2005.
  15. ^ MSDN, "Deleting records using the Delete method", "ADO 2.8 Programmers Guide", accessed September 10, 2005.
  16. ^ MSDN, "Updating and Persisting Data", "ADO 2.8 Programmers Guide", accessed September 12, 2005.
  17. ^ MSDN, "Transaction Processing", "ADO 2.8 Programmers Guide", accessed September 12, 2005.
  18. ^ MSDN, "Record Object", "ADO 2.8 API Reference", accessed September 12, 2005.
  19. ^ MSDN, "Records and Streams", "ADO 2.8 Programmers Guide", accessed September 12, 2005.
  20. ^ MSDN, "Streams and Persistence", "ADO 2.8 Programmers Guide", accessed September 12, 2005.
  21. ^ MSDN, "Parameter Object", "ADO 2.8 API Reference", accessed September 12, 2005.
  22. ^ MSDN, "Field Object", "ADO 2.8 API Reference", accessed September 12, 2005.
  23. ^ MSDN, "Property Object" "ADO 2.8 Programmers Guide", accessed September 13, 2005.
  24. ^ MSDN, "Error Handling", "ADO 2.8 Programmers Guide", accessed September 18, 2005.
  25. ^ MSDN, "Field-Related Error Information", "ADO 2.8 Programmers Guide", accessed September 18, 2005; & MSDN, "Recordset-Related Error Information", "ADO 2.8 Programmers Guide", accessed September 18, 2005.
  26. ^ Doug Rothaus & Mike Pizzo, "ADO.NET for the ADO Programmer", MSDN, accessed September 22, 2005.
  27. ^ Microsoft, Deprecated Components (OLE DB), retrieved August 5, 2005.
  28. ^ Microsoft, "Data Access Technologies Road Map", Deprecated MDAC Components, Microsoft "ADO Programmer's Guide" Appendix A: Providers, Microsoft OLE DB Provider for ODBC, retrieved July 30, 2005.
  29. ^ Microsoft, MS KB article 244661: INFO: Limitations of Microsoft Oracle ODBC Driver and OLEDB Provider, last reviewed August 25, 2004, retrieved August 4, 2005.
  30. ^ Microsoft, "Remote Data Service (RDS)", retrieved August 11, 2005.
  31. ^ Microsoft, "Data Access Technologies Roadmap", "Deprecated MDAC Components"
  32. ^ Kalen Delaney, "Inside Microsoft SQL Server 2000", Microsoft Press, p65.
  33. ^ Christine Solomon, "Microsoft Office 97 Developer's Handbook", Microsoft Press. pp. 195–200.
  34. ^ (German) Christian Koller, "ADO und MDAC Versionen" : MDAC 1.0 and 1.1 (OLE DB 1.0 and OLE DB 1.1) accessed July 1, 2005.
  35. ^ a b c d "INFO: What are MDAC, DA SDK, ODBC, OLE DB, ADO, RDS, and ADO/MD?". Microsoft. March 14, 2005. http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q190463&ID=KB;EN-US;Q190463. Retrieved 2005-07-01. 
  36. ^ a b (German) Koller, Christian. "ADO und MDAC Versionen". MDAC 1.5. http://www.aspheute.com/artikel/20000327.htm. Retrieved 2005-07-01. 
  37. ^ Microsoft, Microsoft Security Program: Frequently Asked Questions: Microsoft Security Bulletin (MS99-025), accessed July 6, 2005.
  38. ^ Microsoft, PRB: RDS Handler Error Messages Due to Security Settings (last reviewed September 30, 2003), accessed July 6, 2005; Microsoft Security Program: Microsoft Security Bulletin (MS98-004) : "Unauthorized ODBC Data Access with RDS and IIS" (last revision: July 17, 1998), accessed July 6, 2005; CVE vulnerability CVE-1999-1011.
  39. ^ Christian Koller, "ADO und MDAC Versionen" : MDAC 2.0, accessed July 1, 2005.
  40. ^ (German) Christian Koller, "ADO und MDAC Versionen" : MDAC 2.1, accessed July 1, 2005.
  41. ^ Microsoft, "Data Access Components: Security Hotfix for Q329414"; Microsoft Security Bulletin MS02-06 — originally Microsoft KB article Q329414) — (originally posted November 20, 2002), accessed July 6, 2005.
  42. ^ (German) Christian Koller, "ADO und MDAC Versionen" : MDAC 2.5, accessed July 1, 2005.
  43. ^ Microsoft, MS KB article 320700, "OLE DB Session Pooling Causes 100 Percent CPU Usage (MDAC 2.5)", accessed July 6, 2005.
  44. ^ Microsoft, MS KB article 842272 Release manifest for MDAC 2.6 (2.60.6526.3), accessed July 6, 2005.
  45. ^ Microsoft, MS KB article 271908 MDAC version 2.6 and later do not contain Jet or Desktop ODBC drivers, accessed July 6, 2005.
  46. ^ Microsoft, MS KB article 820754 MDAC 2.6 or later should not be installed on SQL Server 7.0 clusters, accessed July 6, 2005.
  47. ^ Veritas, Document ID: 258144 VERITAS Backup Exec (tm) 9.0 for Windows Servers should not be installed on a Microsoft SQL Server 7.0 Cluster.
  48. ^ Release manifest for MDAC 2.7 Refresh (2.70.9001.0)
  49. ^ Microsoft, MS KB article 289573 PRB: Configuring DSNs with SQL Server Net-Libraries.
  50. ^ Randall C. Kennedy, "It's not a bug, it's a feature", InfoWorld.
  51. ^ Microsoft, MS KB article 309398 SQL Server 2000 installation or local connections fail with "SSL Security error:ConnectionOpen (SECDoClientHandshake())" error message.
  52. ^ Microsoft, MS KB article 297232 FIX: Cannot Browse Cubes or Process Mining Model After You Install Analysis Services 2000 RTM.
  53. ^ Microsoft, MS KB article 311720 PRB: MDAC Rollback May Fail on Windows 95, Windows 98, and Windows Millennium Edition.
  54. ^ Microsoft, Microsoft Security Bulletin MS02-040 Unchecked Buffer in MDAC Function Could Enable System Compromise (Q326573).
  55. ^ Microsoft, Microsoft Security Bulletin MS03-033 Unchecked Buffer in MDAC Function Could Enable System Compromise (823718)
  56. ^ Microsoft, Microsoft Security Bulletin MS04-003 Buffer Overrun in MDAC Function Could Allow Code Execution (832483)
  57. ^ Microsoft. MS KB article 818490: INFO: Handunsf.reg File Has Been Removed in MDAC 2.8 Redist Setup for Security Reasons
  58. ^ Microsoft. MS KB article 838405: FIX: "Argument passed to data shaping service was invalid" error after you apply MDAC 2.8
  59. ^ Microsoft. MS KB article 818489, INFO: ODBC Administrator Changes in MDAC 2.8.
  60. ^ Brad Rhodes (blog entry), The end of the MDAC Redistributable, May 23, 2005, retrieved August 11, 2005; & Microsoft, MS KB article 892854: "Release strategy for Microsoft Data Access Components", last updated January 24, 2005, retrieved August 11, 2005.
  61. ^ Acey J. Bunch (April 26, 2005), "Introducing SQL Native Client", MSDN blog entry.
  62. ^ MSDN, "Breaking change in MDAC ADODB COM components in Windows 7 Service Pack 1", "Forum", accessed March 9, 2011.
  63. ^ KB 2517589, "An ADO application that is re-compiled on a Windows 7 Service Pack 1-based computer does not run on down-level operating systems", "", accessed March 17, 2011.
  64. ^ Microsoft, "FAQ About Windows DAC/MDAC". Accessed 12th December, 2006.
  65. ^ Microsoft. MS KB article 301202, How to check for MDAC version, last updated January 18, 2005, retrieved September 29, 2005.
  66. ^ Chapter 11 Changes, supplementary material to "A First Look at SQL Server 2005 for Developers" by Bob Beauchemin, Niels Berglund, and Dan Sullivan.
References
  • "ADO 2.8 API Reference". Online API Reference, Microsoft Corporation.
  • "ADO 2.8 Programmers Guide". Online programming guide, Microsoft Corporation.
  • Delaney, Kalen; & Soukup, Ron (2001). "Inside Microsoft SQL Server 2000" (based on 1st edition by Ron Soukup). Microsoft Press. ISBN 0-7356-0998-5.
  • Rothaus, Doug; & Pizzo, Mike (December, 2001). "ADO.NET for the ADO Programmer". Microsoft Corporation.
  • Shirolkar, Prash (Author); Henry Alyssa (contributor); Pepitone Stephen (Contributor); Bunch, Acey J. (contributor), "Data Access Technologies Road Map", Microsoft Corporation.
  • Solomon, Christine (1997). "Microsoft Office 97 Developer's Handbook". Microsoft Press. ISBN 1-57231-440-0.

External links