Cross DB Dialog Security Issues. Was: Can't Route To Another LOCAL Broker Instance

May 31, 2007

Hi Remus,



I am experiencing the same problem, and I can't get the easy fix to work. I drop and create the DB's in between tests, so it is not related to having an old certificate in the DB, as in the case of Tilfried.



The situation is as follows:

DB1 owned by login1, has a user for login2; this DB is for the initiator

DB2 owned by login2, has a user for login1; this DB hosts the target

Both DB's have TRUSTWORTHY flag set to ON

Error in sys.transmission_queue: 'Error 916, State 3: The server principal "Login1" is not able to access the database "DB2" under the current security context.



Going on a limp, I decide to add a remote service binding in DB1, binding the user for Login2 to the target service, even though BOL explicitly states that this is only required for cross-server communications. This does change the situation - I still get an error, but a new message is sys.transmission_queue: "Dialog security is unavailable for this covnersation because there is no certificate bound to the database principal (Id: 5). Either create a certificate for the principal, or specify ENCRYPTION = OFF when beginning the conversation." I already know that the first option works, but I wanted to get the simple solution running. As for the second option, I doublechecked and the initiating procedure DOES already specify ENCRYPTION = OFF in the BEGIN DIALOG CONVERSATION command. My theory is that the remote service binding somehow forces SB to use encryption, but (a) that is not stated in the error message, and (b) if so, then how to get the messages sent over to the target service without using the binding?



==> EDIT: Just saw that you confirmed this theory in your last reply to Tlifried. So I am indeed back to having to find out how to get this to work without remote service binding - it should be possible, but how???



BTW, SELECT @@VERSION shows that I'm on build 3054, in case it matters.



Between all the errors in BOL and less than helpfull error messages produced by SB, I feel like I'm slowly losing my sanity. Please help!



Best regards,



Hugo Kornelis

View 6 Replies


ADVERTISEMENT

Can't Route To Another LOCAL Broker Instance

Feb 17, 2006

I have two databases (A and B )on the same SQL Server instance. Both have SSB enabled and running fine within themselves. All athorizations are at present set to dbo.

Recently I had a requirement to start a dialog and send a message from within data base A to a queue via a service that is in database B.

I tried coding the SSB instance in the BEGIN DIALOG then I set up a route and tried that. On both occoasions I got the following on sys.transmission_queue

"An exception occurred while enqueueing a message in the target queue. Error: 916, State: 3. The server principal "sa" is not able to access the database "B" under the current security context."

Is this sometjhing to do with security lock downs in 2005?

View 16 Replies View Related

Service Broker Dialog And Transport Security

May 25, 2006

what is the difference between the Dialog security and the transport security?

If I disable the dialog security can the messages be sent to the a different SQL server instance. As the transport security will encrypt the messages.

If I don't create a certificate to be used by the transport security can the messages be sent to another SQL server instance?

Can a message be sent to another SQL Server instance without creating a REMOTE Service Binding?

View 1 Replies View Related

In Service Broker Message Dialog Security Is Not Available For This Conversation...

Jul 23, 2007

when ever I send my message thru Service Broker I am getting an error message like this "



"Dialog security is not available for this conversation because there is no remote service binding for the target service. Create a remote service binding, or specify ENCRYPTION = OFF in the BEGIN DIALOG statement."



This I found in sys.transmission_queue

Please reply with your comments

View 1 Replies View Related

Service Broker: Cross DB, Same Instance

Jun 14, 2006

I'd like to set up a Service Broker queue in one database (dbRespond) on a server so that events in another database (dbEvent) on the same server instance can post messages to the queue. The problem I'm having is that:

The BEGIN DIALOG CONVERSATION needs to reference a Contract that is in the current database, and I want to call BEGIN DIALOG CONVERSATION from dbEvent
The target service is in dbRespond. Based on the "Hello World" Service Broker example that comes with SQL 2005, in dbRespond I need to specify the contract in the CREATE SERVICE call that creates the target service. Here, too, the contract must be defined in the current database.
How do I deal with needing to have the same one contract in two different databases?

View 5 Replies View Related

Service Broker: Cross DB, Same Instance - Part 2

Jun 21, 2006

Hi,

I run the code sample below in a SQL Mgt Studio query window. I get no error messages. However, the two SELECT statements at the end produce undesireable results (see comments). My messages to not make it to the target queue; they get stuck in sys.transmission_queue with the error message in the final comment of the code. The server principal "ddddXXXXX" is a Windows Active Directory account that: 1) is a domain admin in the domain that my SQL Server box is a member server of, 2) is the login used by the "SQL Server (MSSQLSERVER)" service account, and 3) is a member of the SQL Server instance's sysadmin fixed server role.

What is it I'm missing that is denying a sysadmin login access to a database?

/***
Service Broker try 1
***/
USE master;
GO

CREATE DATABASE sbRespond;
GO

CREATE DATABASE sbEvent;
GO

USE sbRespond;
GO

CREATE MESSAGE TYPE ActivatedStudyMessage
VALIDATION = WELL_FORMED_XML;
GO

CREATE CONTRACT ActivatedStudyContract
(ActivatedStudyMessage SENT BY INITIATOR);
GO

CREATE QUEUE [dbo].[ActivatedStudyTargetQueue];
GO

CREATE SERVICE ActivatedStudyTargetService
ON QUEUE [dbo].[ActivatedStudyTargetQueue]
(ActivatedStudyContract);
GO

USE sbEvent;
GO

CREATE MESSAGE TYPE ActivatedStudyMessage
VALIDATION = WELL_FORMED_XML;
GO

CREATE CONTRACT ActivatedStudyContract
(ActivatedStudyMessage SENT BY INITIATOR);
GO

CREATE QUEUE [dbo].[ActivatedStudyInitiatorQueue];
GO

CREATE SERVICE ActivatedStudyInitiatorService
ON QUEUE [dbo].[ActivatedStudyInitiatorQueue];
GO

-- Send a message.
USE sbEvent;
GO

BEGIN TRANSACTION;
GO

DECLARE @message XML;
SET @message = N'
<message>
<PROT_ID>123456</PROT_ID>
<StudyID>AAAA1234</StudyID>
</message>
';

DECLARE @conversationHandle UNIQUEIDENTIFIER;

BEGIN DIALOG CONVERSATION @conversationHandle
FROM SERVICE ActivatedStudyInitiatorService
TO SERVICE 'ActivatedStudyTargetService'
ON CONTRACT ActivatedStudyContract
WITH ENCRYPTION = OFF;

SEND ON CONVERSATION @conversationHandle
MESSAGE TYPE ActivatedStudyMessage
(@message);

END CONVERSATION @conversationHandle;
GO

COMMIT TRANSACTION;
GO

USE sbRespond;
GO

SELECT * FROM [dbo].[ActivatedStudyTargetQueue];
GO
--The query above returns zero records

SELECT * FROM sbEvent.sys.transmission_queue;
GO
--The query above returns two records, each with this "transmission_status" value:
--An exception occurred while enqueueing a message in the target queue.
-- Error: 916, State: 3.
-- The server principal "ddddXXXXX" is not able to access the
-- database "sbRespond" under the current security context.

View 3 Replies View Related

SQL Security :: Cannot Connect To Local Instance

Sep 25, 2015

I have verified that the following services ARE running.SQL Server (SQLEXPRESS)SQL Server Browser SQL Server VSS Writer.This one however will not start ... For some reason it starts then automatically turns off.SQL Server Agent (SQLEXPRESS).When I try to connect using my <machine name>/instance  and Windows Authentication I get the following error ...

"A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (Microsoft SQL Server)".The connection specified in the "Connect to Server" box was working perfectly fine before I upgraded. I thought it might have been my Norton 360 Premier but I uninstalled it.I AM having issues with the adapter frequently dropping the internet connection but I just disconnect and reconnect and that resolves itself.The other technique I tried was to replace the server name with the IP address ... <192.168.0.22>/Instance ... This actually seemed to find the SQL Server but rejected the Windows Authentication ...

"Login failed. The login is from an untrusted domain and cannot be used with Windows authentication." I have several databases on here and would hate to have to reinstall SQL Server and manually hook them back up.

View 6 Replies View Related

Thoughts/patterns For The Following Use Case Related To Service Broker Dialog Network Connection

Dec 29, 2006

Hi,

I would appreciate any thoughts/ideas on the following use case for the distributed service broker application we plan to migrate from our existing proprietary tcp based message protocol using database tables for reliability.

There are two ssb services running in separate sql server instances, each on a different server machine. For simplicity, let us assume the ssb endpoint names are SSBA, SSBB. SSBB is the Initiator of the Dialog while SSBA is the Target. Now the requirement is that if the underlying network communication between the two ssb endpoints(SSBA and SSBB) is broken or if the critical service SSBB is down, then processing of any incoming message into SSBA's queue from a third service broker service (say SSBEXPR) running within a SqlExpress instance should be delayed until SSBB is alive and network communication between SSBA and SSBB is established. In our existing implementation (wherein SSBA, SSBB and SSBEXPR are windows services) we use a combination of TCP socket disconnects and Heartbeat messages between SSBA and SSBB to determine the health of network connection and that of the SSBB service.

Now my understanding of how the underlying network connection for a ssb dialog works is that if there is no activity on a dialog for a certain amount of time then the underlying network connection is closed. Is there a way to specify the amount of time to say infinite value or something and thus change this behavior? My other question is how can one query the underlying network connection (i.e. a row from sys.dm_broker_connections) associated with a particular conversation? If none of this is possible, then any other patterns/ideas/approach is welcome.

Thanks,









View 8 Replies View Related

Transport Security Vs Dialog Security

Aug 3, 2006

In an environment where there are many initaitors speaking to a central target with frowarders in between, from what i can understand this best policy is to disable encryption on the endpoints, since dialog encryption will be enforced this is all that is really required, is this correct.

If the endpoints used encryption the message would need to be encrypted and decrypted at each forwarder resulting in slower perfromance, where as dialog encryption would only encrypt at the sender and decrypt at the target, so is this the best way to go?

Secondly is it best practice to open a dialog initally and send messages over this dialog for years never ending the conversation? This way the services only have to authenticate eachother once, if there are no reboots etc that is of course.

I would think performance wise sending each message and ending the conversation each time is a much greater overhead ? So would it be best practice to keep dialogs open and keep sending messages ?

Initally when i was learning service broker i thought that one must send a message and end the dialog until the next message, but i think the other way is the best option ?

Is this correct ?

Thanx

View 1 Replies View Related

Cannot See Local Database Template In Add New Item Dialog Box

Aug 6, 2007

Per MSDN instructions I downloaded the folliwng: .NET Framework 2.0, SQL Server 2005, SQL Server Compact 3.5, and Visual Basic Expess Edition. When following the tutorial to create a database, I was never able to see the Local Database template. I am taking the programming lessons in VB, and I am up to Creating Your First Datatbase. It is a requirement that SQL Server Compact 3.5 be installed. Which I have done.

View 3 Replies View Related

Dialog Security Questions

Aug 10, 2006

Hi Remus

Thank you for the email reply.

However i am still not 100% clear, dialog security with certificates when there are hundreds of remote services seems a bit complicated.

I have a few more questions.

1. you said "When sending the first message (any direction), we look up the 'best' certificate for each user"

My inititor sevice is owned by dbo, i have created certificates only for named users not dbo, how would this work?

2. I am going to try settin gup this again, but at the central service i will create a seprate user for each remote service, authorize the remote certificate for this user and use this user in the remote service binding for that remote service, is this correct or am i still doing somehting wrong?

3. How does all of this relate to the endpoint security, i ahve the same scenario, 1 pricipal id with all remote certificates authorized for it for the endpoint? I have no idea how i would have to setup different user for each remote servcie as far as the endpoint goes as there is no remote service binding to dictate which user to use ?

I will keep try and experimenting maybe i will get it right sooner or later.

Thank You

View 6 Replies View Related

Dialog Security With Different Instances Of A Service

Sep 20, 2005

I am in the process of evaluating the use of Service broker for messaging in a load balanced configuration, and am not having any success.  My configuration is as follows.   1) Master database on Box #1 which is the initiator of all dialogs 2) Target database on Box #2 3) Target database on Box #3   One of my goals is that the databases on Box #2 and #3 are as close to identical as possible.   My routing table on Box #1 looks something like the following   Name remote_service_name broker_instance address TargetOne TargetService
E96DC67E-F696-4D93-8545-C2E92157E32D tcp://server1:4022/ TargetTwo TargetService
56607120-26AA-4AAA-B9E4-F14689C40E41 tcp://server2:4022/   My messaging process begins with a dialog initiated from the master database (Box #1) to each of the target services.  At this time, only the first server "tcp://server1:4022/" is receiving messages.  The sys.transmission_queue shows a message outbound to "tcp://server2:4022/" with a blank status.   I believe that my delivery problem has something to do with the resolution of the dialog certificate need for the conversation.  The MSDN documentation states that:   "Service Broker uses a remote service binding to locate the certificate to use for a new conversation...The certificate for user_name must correspond to the certificate for a user in the database that hosts the remote service."    I am confused as to how I would configure remote service binding if one can not create more than one binding for the same remote_service_name.   The following throws an exception on the last creation of the binding.
---CODE SNIP---
CREATE CERTIFICATE UFEDlgCertTargetPublic

View 3 Replies View Related

Confusion About Dialog Security Steps.

Aug 3, 2006

Hi There

I have done the following.

2 Servers across the net work Server A and Server B.

I have created private keys at each and copied to public keys across.

I create an endpoint at each with validation by the certificates. I then create appropriate users and logins at each and import the public certificates with authorization to the users who have send permission on the endpoints.

That is transport security sorted and it works.

Now from what i have learnt from examples, to setup dialog security i do the following.

create a private key in each DB :

create certificate Store001DialogPri

with subject = 'Store001DialogPri',

start_date = '07/20/2006'

active for begin_dialog = on;

go

I then copy the public key to each server, create a user only in each DB and import the public keys with authorization on the user. And grant send to the appropriate servcies to the user.

I then create appropriate remote service bindings with this user.

Now this works for me. Everythign seems A OK.

However i am going thorugh the Service Broker "bible", and there are a ton of steps i am not doing but my setup works ???

Steps i am not doing for example is when i create the private keys in the DB i should authorize them to a user i create who is then gratnted CONTROL permission on the SERVICES.

Now i do not do this but everything seems to be working. I thought i finally understood dialogs security but now i am totally confused ?

Is what i am doing correct ? If so why are these all these additinal steps mentioned ? WHat am i missing ?

Thanx

View 3 Replies View Related

Dialog Security And Message Encryption

Apr 25, 2006

I understand that Dialog Security + certificates can be used to encryption individual dialogs. I have several demos working now that do just this.However, I don't fully understand exactly when the messages are encrypted, and if they are ever written to a queue on the initiating service prior to being encrypted. I want to make sure that admins can't simply query the transmission queues to get clear text messages, because I have strict requirements that I encrypt all personal data that is stored anywhere in a database.
BOL is a little unclear on this topic. The relevant doc reads:For a dialog that uses security, Service Broker encrypts all
messages sent outside a SQL Server instance. Messages that remain within a SQL
Server instance are never encrypted. In dialog security, only the database that
hosts the initiating service and the database that hosts the target service need
to have access to the certificates used for security. That is, an instance that
performs message forwarding is not required to have the capability to decrypt
the messages that the instance forwards.Does this imply that message destined for an external service aren't encrypted until they leave the instance? Or does Service Broker figure out that the message is destined for a remote service and therefore applies encryption to the message_body prior to the message hitting the transmission queue on the initiating service?Many thanks, Kevin

View 6 Replies View Related

Announcing A GUI Tool For Configuring Dialog Security And Routing

Apr 8, 2006

www.codeplex.com/slm

Setting up Service Broker routes, endpoints and security is just too hard. One has to run pages and pages of Transact-SQL code just to get the €˜Hello, world€™ example work between two separate SQL Instances and the chances of making a mistake are overwhelming.
Well, not anymore! I€™ve just uploaded into the Service Broker team code gallery a new GUI tool for doing just that: easily configure two services to be able to have conversations. The tool uses the €˜Service Listing€™ concept. A Service Listing is like an identity card for a service. It is an XML document that contains all the necessary information needed to establish a conversation with that service. When two parties need to establish a conversation, they can exchange the Service Listings of the two services and the tool will create the entire infrastructure needed to establish the conversation. Optionally it can also create the message types and contracts supported by a target service in the initiator service database....

View 3 Replies View Related

SQL Server Admin 2014 :: Cannot Connect To Named Instance (2nd Instance) From Local SSMS

Jul 22, 2015

I've two instances(Default, Named[dynamicsFINANCE]) running on SQL server 2014. However, when I try to connect to named instance say (dynamicsFINANCE) using SQL authentication from local SSMS, I get below error message:

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (Microsoft SQL Server, Error: -1)

I assigned a static port number to the named instance [dynamicsFINANCE] 1450. I also setup the firewall rule to allow access to Port 1450.

View 5 Replies View Related

Cross Database Activation Security

May 25, 2006

I have two databases Basket_ODS and Intelligence_ODS.

I created a user in the Basket_ODS and Intelligence_ODS databases as follows:

USE Basket_ods

GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = '*******'

CREATE USER BasketServiceUser WITHOUT LOGIN

ALTER AUTHORIZATION ON SERVICE::[Order Send] TO BasketServiceUser

GRANT CONTROL ON SERVICE::[Order Send]

TO BasketServiceUser

CREATE CERTIFICATE BasketServiceCertPriv

AUTHORIZATION BasketServiceUser

WITH SUBJECT = 'ForBasketService'

BACKUP CERTIFICATE BasketServiceCertPriv

TO FILE = 'BasketServiceCertPub'

In the other database...

I created the following:

USE Intelligence_ODS

GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = '************

USE Intelligence_ODS

GO

CREATE USER BasketServiceUser WITHOUT LOGIN

CREATE CERTIFICATE BasketServiceCertPub

AUTHORIZATION BasketServiceUser

FROM FILE = 'BasketServiceCertPub'

My Queue is in BASKET_ODS and is set up as:

ALTER QUEUE ODS.[Order Process Queue] WITH

ACTIVATION (

STATUS = ON,

PROCEDURE_NAME = ODS.ProcessOrderQueue,

MAX_QUEUE_READERS = 4,

EXECUTE AS 'BasketServiceUser'

)

I have performed the following grants in Basket_ODS

grant execute on ODS.ProcessOrderQueue to BasketServiceUser

ProcessOrderQueue calls [ODS].[MoveOrderTotals_Core] in the Intelligence_ODS database.

grant execute on [ODS].[MoveOrderTotals_Core] to BasketServiceUser

ProcessOrderQueue proc is set as follows:

ALTER procedure [ODS].[ProcessOrderQueue]

WITH EXECUTE AS 'BasketServiceUser'

[ODS].[MoveOrderTotals_Core] is set up as follows:

when I run ProcessOrderQueue I get an error message:

ALTER procedure [ODS].[MoveOrderTotals_Core](@Orderid uniqueidentifier)

with execute as 'BasketServiceUser'

I just don't understand when I run ProcessOrderQueue I get the following error message (when database trust is turned off)

The server principal "sa" is not able to access the database "Intelligence_ODS" under the current security context.

Can you help me figure out what I'm doing wrong. I've spent so much time on this security stuff. Is there another way to do this that is more straight forward without using database trust?

View 3 Replies View Related

Service Broker Security Question

May 22, 2006

If I have a stored procedure that is reading data in one database and writing it to another database (same instance) are there any extra grants that I must do. I do have a user created in both databases with the same certificate (backup and create certificate from the file system) and I've done the
GRANT AUTHENTICATE TO [SessionsServiceProcedureAudit];
GRANT EXECUTE ON <the cross database stored procedure>

Gary

View 8 Replies View Related

SQL Service Broker - Transport Security

Feb 20, 2007

If all my SQL Server instances are mutually trusted, am planning to implement transport layer security with Windows authentication. My query is that if I'm using Windows authentication do I need certificates to be created? Though I am using Transport security, I can achieve encryption by ENCRYPTION - ON in the Begin Dialogue conversation. I assume Message integrity using MD5 signatures are by default provided by Service broker irrespective of whichever service options we choose?

Can I have some article references on how these security mechanisms will impact the performace of Service broker communications?



Thanks a lot,

View 5 Replies View Related

Service Broker Security Issue

Aug 24, 2007

Just tried to deploy my service broker solution to a test environment but got the following error:


An exception occurred while enqueueing a message in the target queue. Error: 15517, State: 1. Cannot execute as the database principal because the principal "dbo" does not exist, this type of principal cannot be impersonated, or you do not have permission.


Any idea as to what this error message actually means and what I would have to do to get it to work?

Thanks

View 3 Replies View Related

Service Broker Message On Remote Instance Not Working

Feb 14, 2006

I was trying to send a message on a different instance in the network using service broker. I have created the endpoint and route both the side. I could see that the messages are in the transmission_queue in the sender side with no error in the status.

What could be the reason.

I am doing the following:
CREATE ROUTE inst02
WITH
SERVICE_NAME = 'SERVICE2',
ADDRESS = 'tcp://10.14.43.149:2341'

in the send script i am using this:
BEGIN DIALOG CONVERSATION @dialog_handle
FROM SERVICE [SERVICE1]
TO SERVICE 'SERVICE2'
ON CONTRACT [MainContract] WITH ENCRYPTION = OFF ;

in the sending side if i change the endpoint's authentication as windows kerberos , then i get thefollowing error in the transmission queue:

"Connection handshake failed. An OS call failed: (8009030e) 0x8009030e(No credentials are available in the security package). State 66."

I also have given access to the remote user on this endpoint(on the recever side) using this :
GRANT CONNECT ON ENDPOINT::Endpoint_test to paras

I am executing the sending side send script using the same user wich has access to the remote endpoint.

Can some one resolve this issue.

Thanks

View 9 Replies View Related

Service Broker Windows Security Problem

Jan 10, 2008

I am using windows authentication to send messages from one server to another.

The user is a domain user that is sysadmin on both servers and db owner of each database.

The errors I see in porfiler are as follows


At target,
An error occurred while receiving data: '10054(error not found)'.

and the following at the initiator:
Connection handshake failed. An OS call failed: (8009030c) 0x8009030c(The logon attempt failed). State 67.


For what its worth, the script for my target endpoint is below, and access has been granted to public:


CREATE ENDPOINT [BROKER]
AUTHORIZATION [MYDOMAINmssqlssb]
STATE=STARTED
AS TCP (LISTENER_PORT = 4022, LISTENER_IP = ALL)
FOR SERVICE_BROKER (MESSAGE_FORWARDING = DISABLED
, MESSAGE_FORWARD_SIZE = 10
, AUTHENTICATION = WINDOWS NEGOTIATE
, ENCRYPTION = REQUIRED ALGORITHM RC4)



I've actually used these users/objects successfully dozens of times on a seperate server with many clients...I am just re-scripting the objects here on this new server. The new remote machine is an image of one of the original machines that was working fine (with new broker GUIDs).



Thanks for any insight.
John

View 3 Replies View Related

Failed To Generate A User Instance Of SQL Server Due To Failure In Retrieving The User's Local Application Data Path. Please Make Sure The User Has A Local User Profile On The Computer. The Connection Will Be Closed

Dec 7, 2006

This is my first time to deploy an asp.net2 web site. Everything is working fine on my local computer but when i published the web site on a remote computer i get the error "Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed" (only in pages that try to access the database)
Help pleaseee

View 3 Replies View Related

TRYING TO CREATE CERTIFICATE FOR SERVICE BROKER SECURITY BUT GETTING ERROR

May 22, 2007

hi all,

i m trying to send message between different server instance using service broker.

and for security purpose i am trying to create certificate. for that i have used makecert.exe and get a certificate and a private key. but when i am creating certificate using that file it is showing error

the code is --

CREATE CERTIFICATE ctfSourceServerMaster

FROM FILE = 'C:SourceServer.cer'

WITH PRIVATE KEY ( FILE = 'C:SourceServer.pvk', DECRYPTION BY PASSWORD = 'PrivateKeyPassword' )

ACTIVE FOR BEGIN_DIALOG = ON

GO

i have created the file SourceServer.cer' and SourceServer.pvk' by using makecert.exe tool.

the idea behind creating the certificate ctfSourceServerMaster is to give transport security.

I am running the particular script in the master database.

but still i am getting error

ERROR:----

The certificate, asymmetric key, or private key file does not exist or has invalid format.



If any body has any idea please help!!!!!!!!!!!

Thanks a lot in advance

View 1 Replies View Related

DB Engine :: Linked Server - Getting Error When Performing Cross Instance Query With Joins

Apr 26, 2015

I've successfully created a Linked Server that connects a local DB Engine with another DB Engine through an ip over an extranet. I am able to run simple Select statement queries on the Local DB Engine and get results from the linked server. However when attempting to perform more complex queries that join tables from the linked server with tables from the local DB server, I get the following error message after several minutes of execution:

OLE DB provider "SQLNCLI11" for linked server "<ip of Linked Server>" returned message "Protocol error in TDS stream".
OLE DB provider "SQLNCLI11" for linked server "<ip of Linked Server>" returned message "Communication link failure".

Msg -1, Level 16, State 1, Line 0

Session Provider: Physical connection is not usable [xFFFFFFFF].

OLE DB provider "SQLNCLI11" for linked server "<ip of Linked Server>" returned message "Communication link failure".

Msg -1, Level 16, State 1, Line 0

Session Provider: Physical connection is not usable [xFFFFFFFF].

OLE DB provider "SQLNCLI11" for linked server "<ip of Linked Server>" returned message "Communication link failure".

Msg 10054, Level 16, State 1, Line 0

TCP Provider: An existing connection was forcibly closed by the remote host.

How I can resolve it. I've read on Distributed Transactions but I understand that it only applies to manipulation statements?

Both are SQL servers. Linked Server is SQL2008R2 if not mistaken. Local DB Engine is SQL2014.

View 3 Replies View Related

Instance Name As Local Server ?

Oct 10, 2002

I have a SQL2K server installed , and it is given an instance name (like BoxSQLInstance). I have a connect string looking for "local" server, is it possible to make this instance name as the default local server ?

View 1 Replies View Related

Local DB - No Option To Set Instance ID

Sep 30, 2015

I am working on an existing project that uses sql server 2014 local db. I've installed it (there was no option to set an instance id). Using sql server 20014 management studio and setting the server name to (localdb) results in this error

Network related or instance specific error occurred while establishing a connection to sql server.......

So obviously its not there, how can i test this? There's no service I can see. The installation procedure completed without any errors, what could be going on here ?

View 2 Replies View Related

Cannot Connect To Local Instance

Jan 29, 2008

I have just recently installed MS SQL Server 2005 Developer edition. I have installed SP2.

Today when I try to connect via Management Studio, I get the following error:
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: TCP Provider, error: 0 - A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.) (.Net SqlClient Data Provider)

I installed it as a default instance.

I recently added a login with dbo privileges. I have tried logging in with that sql account and also with windows authentication to no avail.

Thank you for any help.

View 2 Replies View Related

No Local Instance With SQLServer2005 Dev. Ed.

Oct 20, 2006

(New to SQL Server Installs)I installed SQL Server 2005 Developer Edition on a WinXP-SP2workstation and can see some enterprise databases on the network justfine.My problem is I cannot register a local database on the local drive fortesting/education purposes.(I accepted all of the defaults on the install and thought all waswell.)There are a couple of small databases that are in development in ourgroup and I need to work on when offline from the network.Short of uninstalling the whole product and doing it over, what stepscan I take to remedy this so I will be able to work with DB's locally?Thanks.

View 3 Replies View Related

Can't Access Instance Of Local Webserver

Sep 2, 2006

Hi, I've installed SQL Server 2005 Express Edition, SQL Server Management Studio Express using Windows Authentification and IIS 5. The problem occurs when I try to access the default address of my local computer to test my installation. I've tried with both http://localhost and http://127.0.0.1. The system requires a password despite I don't use password for my Windows Authentification. Does IIS always demands a password regardless my settings for Windows Authentification or?

Best regards

View 4 Replies View Related

Can I Connect To SQLExpress Instance Using (local)

Feb 19, 2007

Hello,

I am using the following connection string to connect to SQL Server 2005 Express Edition installed on my local PC.
string sqlstr = "Server=(local);Database=MyDB;User ID=sa;Password=sa;Trusted_Connection=False";

And it gives me the following error. The string works fine in computer with SQL Server 2000 instance but fails with 2005. The string also fails for "Server = localhost".
However the string works very fine if I use the name of Server 2005 i.e ./SQLExpress

===================================

Cannot connect to (local).

===================================

An error has occurred while establishing a connection to the server.  When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (.Net SqlClient Data Provider)

------------------------------
Error Number: 2
Severity: 20
State: 0


------------------------------

 

Now the main problem is that, of course I could use a named instance, but since I am embedding the Connection String in a dll file so that any user can use it to connect it to the local instance of the SQL Server 2005 installed in his/her computer, I need to use "server = localhost". Doesn't SQL 2005 support this. If yes, where could i find option to enable it?

I have enabled every option available in surface area configuration for SQL Server 2005, but nothing seems to help out. I even use local as well as remote connections using both TCP/IP and named pipes.
Can nyone help me out?

View 8 Replies View Related

Can't Connect To Local User Instance

Feb 6, 2007

Just when I think I have this stuff figured out, it bites me back everytime.

I'm
trying to deploy an mdf out to a different machine, and attached to it with local user instance. I connect without problem from my development
machine with a local user instance, which also has Express Manager resident,
and I can connect to a server instance without problem.

What I can't do is
copy the .mdf database over to another workstation, which has Sql Native
Client installed, and connect to the database using a local user
instance! I can connect to a server instance without problem from this
other workstation. Here's my connect string for local user instance
that works fine from my dev machine:

Provider=SQLNCLI.1;Persist
Security Info=False;Integrated Security=SSPI;Data
Source=.sqlexpress;AttachDBFileName=<full path_name and mdf
filename>;User Instance=true;

The error I get upon trying to connect with other stations is:

Error -2147467259
Database not found or cound not connect to database

I've
tried this every way I know how. I've copied the database from my dev
machine both with and without having detached the database from the
local instance. I've tried detaching from a server instance and copying
the file over. Nothing works, and I've done this before! What gives with this thing?

Rick

View 5 Replies View Related

SqlDataSourceEnumerator Not Finding The Local Named Instance?

Jun 19, 2007

We are seeing some very strange behavior on installation for our application when it is trying to enumerate the available SQL Server instances. On some machines (not yet determined why) the SQL Browser service is apparently able to locate remote instances but not the local instance. This does not seem to map to any firewall or TCP/IP settings which we can determine. We have gone to the extent of uninstalling all associated firewall and antivirus products, and the problem persists.



For the moment, we are working around this problem by interrogating the registry for the instances installed locally, but this seems unsatisfactory in the long run. Is there any possibility that other instances of SQL Server Express or MSDE have somehow disabled our ability to see local instances? I would really like to find a better solution to this problem.



Andrew Raymond, MCAD.NET

Senior Developer

Mitchell 1

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved