I would like to limit the role of an user In Visual Studio only to assign roles to other users for the cubes. Other than that the user should not be able to create / delete the exisiting cubes or dimensions.
View 2 RepliesThe requirement is to customize database admin activities by creating new user group.
Need to create a group of user / dbauser1 which will have restriction in seeing the data but they should be able to alter database - add / remove the data file , increase or decrease the data file space when required.
This requirement came we wanted to create a new dba group they should not be able to any user data / any table but increase / decrease / add / modify space etc.
I have created a user in SQL Server Management Studio Express. However,
View 1 Replies View RelatedSybase and DB2 both have the capability of tracking user activities ata number of levels: invalid access attempts to databases, table, etc.;creation/deletion/modification of database objects/users/groups,grants/revokes.For MS SQLServer, the only setting that I've seen in the documentationis access attempts (none, fail only, etc.)The monitor program has the capability of tracking the events that Iwant to be monitored, but it seems as though these settings persistonly while the monitor program is running.I'd like these settings to persist permanently and the event records tobe sent to the system log.I can't seem to find the right term to get this information out of theMS Books On LIne.Help!
View 5 Replies View RelatedOn the other database types, there is an audit capability in that yourecord such items asfailed login attemptsattemtped access to tables user is not authroized tochanges to databse schemachanges to permissionschanges to logins (add, delete, lock, unlock, passwrod reset)All I can find in the SQLServer documentation is the reference totracking failed logins when you set up a database, plus the Profiler'sactivities.Yes, I'm taking voer my first SQLServer database and have been asked tomake sure that this database is closely monitored for inappripriateactivity.Questions:1) Does SQLServer have this capability? (Sybase has this, which iswhere I'm coming from)2) Does SQLServer do this automatically or do I have to set up theevents to be tracked as happens with Sybase?3) What commands are there for setting up these events to be tracked?Thanks in advance!
View 2 Replies View RelatedHow do you handle user level security with SQL Server 2005?
Say I have an HR database.
In Active Directory I have two groups: Managers, Employees.
Now in this HR Database I want to setup permissions in such a way that Managers can see all employees under them (but not other managers) and the employees can only see themselves.
(I'd have various levels of management defined in a table somewhere, so that each employee has a manager ID that links to another employee so that the CEO would be manager of everyone by working down the chain).
What I'm trying to understand is the best way to handle the permissions.
I'm not entirely clear on how to deal with that.
Would I use user chaining to do that, I wouldn't need impersonation (that's just for instances where you want dynamic SQL and it won't execute with user chaining, correct?)
Anyway, just looking for some general direction on this (obviously I need to get a good book it would seem).
Would I create a stored procedure that runs with EXECUTE AS permissions so that I'd have a non-interactive login it uses that has table access then all the other users have permission to execute the sproc?
So that sproc runs, pulls back a SELECT * FROM tbl_HRINFO and using a WHERE constraint limits who is returned WHERE SupervisorID = CurrentLoggedInEmployeeID ?
Also: How can I determine who is logged in and running the procedure, would the sproc use the SELECT USER_NAME command to see who was running it?
As you can see, I'm working from square one on all of this.
Not sure if my posting entirely made sense, but hopefully someone can get me pointed in the right direction, thanks!
I am in need of creating a new user for stored procedures execution say sa (to whom i am in need of creating under my user defined db)
View 1 Replies View RelatedThis is my first time to deploy an asp.net2 web site. Everything is working fine on my local computer but when i published the web site on a remote computer i get the error "Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed" (only in pages that try to access the database)
Help pleaseee
Hi,
Please give the T-SQL script for this ? Thanks
Shanth
Hi there,
I want to create database login and set that login to owner of the database? Can anyone help me?
thanks
Hi All,
I've a question about user-management when developing webapplications:
Which approach would you people preferre?
1. Create a table in the database with the following columns: username, password, group, rights
use this table to add or remove users from the system and take care of the user rights like reading, writing, updating, deleting to the database.
OR
2. Using sql server 2000 user management, and create logins for every user. The groups, Read/Write/delete/update rights are managed trough the sqlserver 2000 system.
thanks in advance
Good evening,
I have to admit that I've just started using Reporting Services. I've just managed to intall it on a Windows 2003 Server, running SQL Server 2005 Developer Edition. The first issue I've noticed after installation is associated with the ability to manage the users that have access to the reporting services, as well as what roles they are associated with.
After a bit I figured that reporting services was using Windows Users. That's not much of a problem in my situation, although I'd prefer if it was something more like ASP.NET 2 Membership and Roles. Nevertheless, eventhough I've managed to find this one out I didn't seem to find a way to manage the permissions of the users.
Could someone help me out on this one?
I need to limit the sessions to access to SSAS cube to one per user. For example, if a customer uses Excel to check a cube, two or more users cannot use the same session or account.
View 2 Replies View RelatedI am working to get 'NULL' as a string instead of blank in below shown Hierarchy
Level1: ASIA
Level2: (BLANK)
Level3: Indonesia
Malaysia
NOTE: In Level2 '(BLANK)' means it is actually blank.
I tried changing 'UnknownMemberName' to 'NULL' at the Dimension, but this did not work.
I am trying to create a database setup script that will work on various OS languages. One of the things the set up script has to do is grant permissions to the NETWORK SERVICE account. This is simple when we are running on the English version of Windows with the command:
Code Block
CREATE USER [NetworkService] WITH LOGIN [NT AUTHORITYNETWORK SERVICE];
Unfortunately, if you run this on a French language version of Windows, the login is called something like [NT AUTORITESERVICE RUSSEAU] or something similar. This causes the script to fail.
I think I should be able to get around this by using the well known SID for this account (S-1-5-20) and SUSER_SNAME() to resolve to the name for the account in the local language.
Here is the code I've written:
Code Block
SET @user = quotename(SUSER_SNAME(0x010100000000000514000000));
SELECT @user;
CREATE USER [NetworkService] FOR LOGIN @user;
Everything seems to be working up to the last line. The SELECT @user line returns [NT AUTHORITYNETWORK SERVICE] on my English language server as expected. Unfortunately, the last line results in a syntax error.
This may be a really dumb question, but I'm not really a DB developer, so I'm stumped. Any ideas on how I could make this work?
Thanks,
Bill
Hi I am using ASP.Net user management tool. How can I get the user name of the current user who does some activity to log those details using triggers.Any web link/tool/suggestion is welcomed.
View 13 Replies View Relatedhi ALL
how can i add new user to the windows with out using management console
can i do that with api or any thing plz answer rapid
the task is i need to make magamant program to add the users from it in applcation that use sqlserver 2000
thanks
I like to schedule a task that provides with database usage size, current users online, memusage and CPU usage and store it into a database table once in a week. I tried looking at different system tables but not successful.
We are using MS SQL 6.5.
Can someone help me on how to achieve this?
Thanks,
Mohan
I have saml token which contains user name and password.
I have to use this token to authunacate the ssas cube date base to open the report.
How implementing the Effective User Name authentication for ssas.
Running PivotTable reports in Excel 2007 which are linked to a SSAS Server 2008 R2 may consume high amount of memory and cause high CPU utilization.
Detail:users may set 7 or more dimensions in row section of a Pivottable report. Some of those dimensions were containing more than 10000 members.
When refreshing such a report, Analysis Services is consuming more than 16 GB of memory, cpu utilization often goes up to 80%.
To run this report it takes arround 10 minutes. During this time other users may be unable to run reports on the server.Is there a way to control expensive MDX queries caused by some users to ensure Service availability?
I am trying to connect Sharepoint 2013 services (performancepoint , excel services) to SSAS 2012 using the EffectiveUserName.
I was getting a error message regarding conencting the datasource and when checking profiler it was saying Logon failure: unknown user name or bad password.
On the SSAS server i tried using EffectiveUserName in the additional Connection Parameters and it failed for the above reason. I also tried my username as well as the sharepoint service accountthe sharepoint service account and my username are both server admins.
When I try using the EffectiveUserName in the additional Connection Parameters on another server I can connect with no problems.
What seems to be the different with server where I am getting the error message?
Hi,
how do you create a username and password for a database in SQL.
Thanks
I'm trying to create a user from a powerbuilder application through powerscript.
I'm trying to create first the login using sp_addlogin
but I'm getting the following error
[microsoft][odbc for sql server]the procedure sp_addlogin cannot be executed in transaction.
Plz does someone know what should I do?
I'm not in our IT section but am responsible for the running of a finance application on SQL 2000.
I want a Read only user set-up on the SQL DB so that we can use Crystal and Access to look at the tables.
IT have some concerns with this as they say it by passes all security.
Are they spinning me a line?? Surely read oonly is read only? Can a user be restricted to a specific database as there are a number running on the same server.
Many thanks for any advice comments.
Tony
i am a newbie in SQL Server. i want to add a new user to my database, whom i want to grant only insert, update, delete, select commands and some procedures/triggers. i need to log on to the database using that user from my asp.net application. i might have several users to log no to the system and for each user i need a set of tables in the databse. i want to wirte the procedures /triggers once for all the users in the database where they can access. i can write the procs under dbo schema, but i what about the tables?
currently i am using SQL Express to test my database. i have Management Studio Express installed on my PC.
S ]-[ /- | ]-[ /- N
When I declare a cursor,I use a variable to replace the sql statement:DECLARE rs CURSOR LOCAL FAST_FORWARD FOR@sqlPlanBut it is not true.Who can correct for me.Another question is :How to execute a sql statement state by a variable "@sqlPlan" andinsert the result to a table "@FeatRequestStatus"?I am a new hand of sql programming.Thank you very much for your help
View 2 Replies View RelatedI have noticed that some folks create a user to own a schema, with both having the same name (ex: userowner = pfm schema = pfm) and others make dbo the owner for all their schemas. From what I can tell, it doesn't really matter; what does matter is if your database users are granted access to the schema. Since most users only have public rights and dbo has database owner rights, is there any particular reasoning to use one scenario over the other?
Hello,
I have a stored procedure that outputs login token and user token information. The stored procedure has
WITH EXECUTE AS CALLER specified.
When I execute the stored procedure from Management Studio I get the following output from the stored procedure
<login_token pid="267" sid="AQUAAAAAAAUVAAAAdbl1VI3r6l4jX2Nr0AYAAA==" name="MYDOMAINjoe" type="WINDOWS LOGIN" />
<login_token pid="2" sid="Ag==" name="public" type="SERVER ROLE" />
<login_token pid="3" sid="Aw==" name="sysadmin" type="SERVER ROLE" />
<login_token pid="257" sid="AQIAAAAAAAUgAAAAIAIAAA==" name="BUILTINAdministrators" type="WINDOWS GROUP" />
... (more groups)
<user_token pid="7" sid="AQUAAAAAAAUVAAAAdbl1VI3r6l4jX2Nr0AYAAA==" name="MYDOMAINjoe" type="WINDOWS LOGIN" />
<user_token pid="0" name="public" type="ROLE" />
<user_token pid="5" sid="AQUAAAAAAAUVAAAAdbl1VI3r6l4jX2NrCAUAAA==" name="MYDOMAINPeople" type="WINDOWS GROUP" />
<user_token pid="16" name="approleDirector" type="ROLE" />
<user_token pid="16384" name="db_owner" type="ROLE" />
When I execute the stored procedure through my application (IIS application connecting to SQLServer 2005 through SQL Native Client - not .NET)
I get the following
<login_token pid="267" sid="AQUAAAAAAAUVAAAAdbl1VI3r6l4jX2Nr0AYAAA==" name="MYDOMAINjoe" type="WINDOWS LOGIN" />
<login_token pid="2" sid="Ag==" name="public" type="SERVER ROLE" />
<login_token pid="3" sid="Aw==" name="sysadmin" type="SERVER ROLE" />
<login_token pid="257" sid="AQIAAAAAAAUgAAAAIAIAAA==" name="BUILTINAdministrators" type="WINDOWS GROUP" />
... (more groups)
<user_token pid="1" sid="AQUAAAAAAAUVAAAAdbl1VI3r6l4jX2Nr4QQAAA==" name="dbo" type="WINDOWS LOGIN" />
The login token is the same but the user token is dbo instead of the actual user.
What am I doing wrong?
Thanks.
Is there a way to connect to database using Windows authentication as a different user than what you've logged in with to your desktop?
For example:
I log on to my desktop as mydomainme. I'm developing queries using Management Studio against a database (on another server) where mydomainme doesn't have access, but the admins have granted access to mydomainJobs1. I have the password for mydomainJobs1, and I'm hoping I can connect to the database using that account without having to log-off my local desktop as mydomainme and then re-login using mydomainJobs1.
The analogy in the file/share-permissions world would be using "net use" from a command prompt:
net use \SomeServer /User:mydomainJobs1 jobs1password
Anything similar for SSMS?
All:
I am working with a package that executes a stored procedure. This stored procedure makes use of a Linked Server. When I execute it in debug mode in VS 2005, it works flawlessly. However when I deploy it to the production server and execute it by going to Management Studio, connecting to Integration Services, navigating to MSDB, right clicking and choosing "run package" I get the infamous:
Login failed for user '(null)'. Not associated with a trusted SQL Server Connection. OLE DB Provider SQLNCLI for linked server [name] returned message "Communication Link Failer"
error. If I execute the stored procedure by itself on the production server, it works flawlessly. It is only when this stored procedure gets executed via the above mentioned way inside of an SSIS pack that I get this error. To me this suggest it is being executed as a different user, but I don't know which one.
Any help would be wonderful.
Thank you in advance...
AccDev
I installed SQL Server 2005 Express, and Management Studio Express, while logged on as an Administrator of my XP Pro machine. When I switch to my limited user account, Management Studio Express seems not to be aware that SQL Server is even running on the machine (although Configuration Manager can see it and reports that it is running). I'm sure I've missed something simple, but I can't find the answer anywhere... how can I get access to my local SQL Server from my limited user account?
View 2 Replies View RelatedI have been working on a website in Visual Studio 2005 Pro using the MS SQL Server that comes with VS. I have tried Attaching those MDF files in Visual Studio to the SQL Server Express Management but it wont let me, get an error::
Error Number: 5133
Severity: 16
State: 1
Line Number: 1
TITLE: Microsoft SQL Server Management Studio Express
------------------------------
Attach database failed for Server 'WYATT-PCSQLEXPRESS'. (Microsoft.SqlServer.Express.Smo)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=Microsoft.SqlServer.Management.Smo.ExceptionTemplates.FailedOperationExceptionText&EvtID=Attach+database+Server&LinkId=20476
------------------------------
ADDITIONAL INFORMATION:
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.Express.ConnectionInfo)
------------------------------
Directory lookup for the file "C:UsersWyattDocumentsVisual Studio 2005WebSitesAdultUnderWorldApp_Dataaspnetdb.mdf" failed with the operating system error 5(Access is denied.). (Microsoft SQL Server, Error: 5133)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.3042&EvtSrc=MSSQLServer&EvtID=5133&LinkId=20476
------------------------------
BUTTONS:
OK
------------------------------
Here is the info for the Web.config Connection Strings::
<connectionStrings>
<add name="Personal" connectionString="Data Source=.SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|Personal.mdf" providerName="System.Data.SqlClient" />
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data Source=.SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|aspnetdb.mdf" />
</connectionStrings>
I want to attach the above databases into the SQL Server Management Studio,so how can i go about doing this??
If i install the SQL Server Express and the Management Studio in my computer with an administrator account... can a non-administrator user run the SQL Server Management Studio Express ?
When the non-administrator user tries run the SSEMS, he gets an error, something like "Cannot load the SQL Management Studio Package".
Can i set several permissions to let non-administrator users run the SSEMS ?