(c) 1998 Microsoft Corporation. All rights reserved.
This document provides late-breaking or other information that supplements the Microsoft ADO documentation.
--------
CONTENTS
--------
1. PRODUCT DESCRIPTION
2. NEW FEATURES
2.1 Seek and Index
2.2 Row updates and synchronization
2.3 Microsoft OLE DB Persistence Provider
2.4 Microsoft Data Shaping Service for OLE DB
2.5 Microsoft OLE DB Remoting Provider
3. TECHNICAL NOTES
3.1 Security Enhancements
3.2 Restrictive Behavior
3.3 Customizing Security Settings
4. KNOWN BUGS, LIMITATIONS, WORKAROUNDS, AND LATE-BREAKING DOCUMENTATION NOTES
----------------------
1. PRODUCT DESCRIPTION
----------------------
ActiveX Data Objects (ADO) is an Automation-based interface for accessing data. ADO uses the OLE DB interface to access a broad range of data sources, including but not limited to data provided via ODBC.
Users of RDO and DAO should quickly become comfortable with programming to ADO because the overall design of ADO comes from our experience in developing those interfaces.
Microsoft Remote Data Service (RDS) is a component of ADO that provides fast and efficient data connectivity and the data publishing framework for applications hosted in Microsoft Internet Explorer. It is based on a client/server, distributed technology that works over HTTP, HTTPS (HTTP over Secure Sockets layer), and DCOM application protocols. Using data-aware ActiveX controls, RDS provides data access programming in the style of Microsoft Visual Basic(R) to Web developers who need to build distributed, data-intensive applications for use over corporate intranets and the Internet.
---------------
2. NEW FEATURES
---------------
ADO 2.1 adds several new features for developers.
2.1 Seek and Index
The Seek method and Index property add fast, index-based location of rows in a recordset.
2.2 Row updates and synchronization
The new "row fix-up" mode offers the user custom control of row updates and synchronization for recordsets created by a JOIN operation. Seven new dynamic properties control the behavior of five existing methods.
2.3 Microsoft OLE DB Persistence Provider
The Microsoft OLE DB Persistence Provider, in conjunction with the Recordset object's Save and Open methods, saves and restores a recordset to a file. With this release, a recordset can be saved in Extensible Markup Language (XML) format, the standard means of defining user-specified tags for data transported across the Internet.
2.4 Microsoft Data Shaping Service for OLE DB
The Microsoft Data Shaping Service for OLE DB, which supports Data Shaping, can now:
2.4.1 Re-shape a previously shaped recordset. To support this feature, recordsets now have a Name property that exists for the duration of the connection.
2.4.2 Perform aggregate calculations on a column at any level of a shaped recordset, not just the immediate child of the parent. This feature uses fully qualified chapter names to form a path to the desired level and column.
2.4.3 Parameterized COMPUTE commands can have an arbitrary number of intervening COMPUTE clauses between the PARAMETER clause and parameter argument.
2.5 Microsoft OLE DB Remoting Provider
The Microsoft OLE DB Remoting Provider becomes a standard service provider and acquires new dynamic properties for enhanced performance, greater user control, and backwards compatibility with ADO 2.0.
------------------
3. TECHNICAL NOTES
------------------
3.1 Security Enhancements
This release includes security enhancements for ADO and RDS objects so that some of the operations are restricted when Internet Explorer is running in a "safe" mode.
3.1.1. Zones
You can set different security settings for different "zones" in Internet Explorer 4.0 to customize the behavior of ADO/RDS objects in those zones. The following four zones are defined in Internet Explorer 4.0:
* Internet zone
* Local intranet zone
* Restricted sites zone
* Trusted sites zone
3.1.2. Security Levels
For each of these zones, you can specify the security level to use. The following security levels are available for each zone:
* High
* Medium
* Low
* Custom
Like any other ActiveX controls, in order for ADO/RDS objects to work at all in Internet Explorer 4.0, the security level must be set to "Medium" or "High." Custom settings are used to set ADO/RDS objects to behave in safe or unsafe mode.
3.2 Restrictive Behavior
By default, any unsafe operations on ADO/RDS objects in Internet Explorer 4.0 will result in a user prompt when accessing pages from "Local trusted zone," "Trusted sites zone," and "Internet zone." Unsafe operations on ADO/RDS objects are disabled, by default, for pages loaded from "Restricted sites zone." The following describes ADO/RDS behavior when running in these modes:
3.2.1 Safe Objects
The following objects are considered "safe." This means that unsafe operations (detailed in 3.2.3) are disallowed in a safe environment (e.g., Internet Explorer, by default; unless custom settings are used to run in an unsafe mode) and allowed in an unsafe environment (e.g., Visual Basic).
a. RDS.DataControl object
b. RDS.DataSpace object
c. ADO Recordset object
3.2.2 Unsafe Objects
The following objects are considered "unsafe." They cannot be created directly or indirectly (and given to a user) when operating in a safe environment.
a. RDSServer.DataFactory object
b. ADO Connection object
c. ADO Command object
3.2.3 Unsafe Operations on Safe Objects
The following are considered unsafe operations on the "safe" objects -- RDS.DataControl, RDS.DataSpace, ADO Recordset. These operations are disallowed in a safe environment but allowed in an unsafe environment.
a. RDS.DataControl
i) All two-tier and DCOM scenarios on the RDS.DataControl object. This means that you cannot open database connections on your local machine or from servers to which you connect using the DCOM protocol.
ii) All three-tier operations over HTTP are restricted to the server from which the page has been downloaded. This means that the Server property on the RDS.DataControl object must be equal to the host name (http://server) from which the page has been downloaded.
b. RDS.DataSpace
i) All two-tier and DCOM scenarios on the RDS.DataSpace object. This means that you cannot use the RDS.DataSpace object to invoke business objects on your local machine or over the DCOM protocol.
ii) All three-tier scenarios over HTTP are restricted to the server from which the page has been downloaded. This means that the second parameter in the CreateObject method call on the DataSpace object must point to the same server from which the page has been downloaded.
c. ADO Recordset
i) Making any connection where provider is not MS Remote. So the connection string must start with "Provider=MS Remote". The "Remote Server" tag in the connection string must also be the same name as the server from which the page has been downloaded. Local two-tier and DCOM connections are not allowed.
ii) Local Persistence operations, like saving a recordset to the local filesystem and opening a recordset from file on the local machine.
3.3 Customizing Security Settings
ADO/RDS behavior is controlled by the setting for the "Initialize and script ActiveX controls not marked as safe" option. You can change the security settings by changing the security level for a specific zone. Default settings for the "Initialize and script ActiveX controls not marked as safe" option for the intranet zone are as follows:
Security level = High Value = "Disable"
Security level = Medium Value = "Disable"
Security Level = Low Value = "Prompt"
For default settings in other security zones, please refer to the documentation for Internet Explorer.
By changing the security level, you can change the behavior of disconnected ADO Recordset objects running in the browser. If you want to enable unsafe operations and do not want