Changing Domain Name --Risks To SQL Server 2000
Dec 26, 2007
Greetings,
I have been tasked with changing our local domian name from .com to .local. I want to make sure I understand the risks to SQL server 2000 when i make this change. We use SQL for Great Plains version 8, here is my simple plan:
1. Dis-join all workstations from .com domain
2. Make a full backup of all databases iin SQL server 2000 -- all databases use the SA account and not NT authentication
3. Dis-join SQL server
4. Change domain name
5. Re-join SQL server box and workstations
6. Launch Great Plains and go home happy!
I am having trouble identifying the risk to my plan and am wondering if:
1. SQL will launch under the new domain
2. Will the backup I made restore under the new domian
3. Will I experience authentication problems even though we use the SA account?
I am not a DB admin and am feeling a little unsure about this task any help on the risks or links to "how to" guides would be appreciated.
Robert
View 4 Replies
ADVERTISEMENT
Jul 20, 2005
Greetings:I am trying to conceive what risks might be created by runningmultiple SQL servers within a domain under a single domain account, asopposed to 1) running under the local service account or 2) multipledomain service accounts.In this case, all the SQL servers are SQL2000 running on Win2003. Theservice account is assigned only to the "Domain Users" group.We do use linked server calls, and I have played and suceeded gettingKereberos up to avoid double hop issues when using Windows Auth. Infact, this is one of the reasons that sparked the question in my mind-- in all the MS Kerebos SQL<->SQL examples, the SQL servers run undera unique service account.As an aside, most of the servers are "line of business" servers, butHR runs under a unique server with more sensitive information. I don'treally think that merits a seperate service account, but again, Icould well be missing something.I mostly looking for food for thought, but concrete examples ofgotchas would be appreciated.Thanks all.d.
View 2 Replies
View Related
Feb 19, 2008
I am currently running a sqlServer 2000 database and am considering changing it to 2005 I see that I can do this via Properties> options and changing the dropdownbut are there any risks?
View 2 Replies
View Related
Dec 12, 2007
Greetings. We have a group that doesn't want to move from 2000 into a 2005 environment, mainly for financial reasons. Highlights for this server:
The server is really currently used as a reporting box, and not at all for OLTP.
Data is extracted nightly from a mainframe, and dumped into various DB's.
There is no front end at all. Users connect via MS Access to query the data.
While new 2005 features would most likely be attractive to them (partitioning, snapshots, new features of Analysis Services, etc.), the real concern is cost.
They have no plans in the near future to do anything else with this server.
All this being said, are there any glaring risks to this group staying on SQL Server 2000 once it has entered into the Extended Support Phase? Any huge reasons why a group like this would need to upgrade to 2005?
View 1 Replies
View Related
Apr 13, 2006
Hi all,I've done some sniffing around but apart from one post in thisnewsgroup haven't been able to find much on this topic.We have recently moved (well, quite a while ago but that's by-the-by)from an NT domain to an AD domain. One of our SQL Servers is stilljoined to the NT domain and, since this domain is soon to bedecommissioned, I need to join this SQL Server to the AD domain.Is there anything I should be on the lookout for WRT this move?As far as I can see, the only thing this would cause an issue withwould be permissions for "logins" etc. This shouldn't be an issue asthe only logins on this SQL Server are either local or from WindowsAuthenticated from our AD domain.Any advice would be greatly appreciated.Many thanks,Ian
View 1 Replies
View Related
Dec 17, 2007
Hello ppl
We have a Windows server that has 64-bit SQL installed on it. It is placed in 'abc' domain right now.
Now I have to get that changed to 'xyz' domain. I know that Windows people can take care of this, but my question is do we have to worry about the SQL Server that's already installed on that server? Will it have any affect on that?
Thanks
Satya
View 2 Replies
View Related
Dec 17, 2007
Hi
We have a Windows server that has 64-bit SQL installed on it. It is placed in 'abc' domain right now.
Now I have to get that changed to 'xyz' domain. I know that Windows team can take care of this, but my question is do we have to worry about the SQL Server that's already installed on that server? Will it have any affect on that?
Thanks
Satya
View 1 Replies
View Related
Mar 2, 2006
Currently running a SQL 2000 server in 2000 domain and want to migrate it to a new 2003 domain of the same name.
How do I go about it and is there any problems with this plan?
View 1 Replies
View Related
Feb 12, 2001
My SQL servers are using integrated windows nt security. Our user account is changing to a new domain. Is there an easy way to change the server logins to point to the new domain instead of removing the user and adding a new login from the new domain.
View 1 Replies
View Related
Oct 26, 2000
hi, I am not sure what happen. but I have lost the sql mail when I changed the from one user domain to another, any sugguestions on how to solve this issue
thanks for your help
Ahmed
View 1 Replies
View Related
Apr 8, 2004
Is there an automatic way of changing the Domain user password getting used for running the SQL Server as a Domain user account? I'm taking about EM---Security----Domain User name and the password getting used for running the SQL Server?
View 1 Replies
View Related
Aug 28, 2006
I know it's not possible, I've read the KBs. But I don't understand why not - from my testing, it looks like the only things that break are the domain groups to which the service logins are added. The service logins can be changed, as can the IPs, and SQL starts up just fine. The only problem is the domain groups.
I saw this KB:
http://support.microsoft.com/?kbid=910708
which says this:
After you install a SQL Server 2005 failover cluster, you can change the service accounts, but you cannot change the domain groups. If you want to use different domain groups, you must uninstall and then reinstall SQL Server 2005.
But it doesn't elaborate, it just says that the groups cannot be changed. Why not? That seems silly to me - it's not just a line in a config file somewhere? Can someone please give me a good reason why the groups cannot be changed?
View 3 Replies
View Related
Apr 24, 2007
Please help to connect SQL server 2000 on different domain.
Please correct if I m wrong.
System details as follows
Client
Domain : DomainA
System : System1
IP Address : 10.10.225.19
SQL server 2000 installed
SQL Server
Domain : DomainB
System : System2
IP Address : 10.108.22.19
SQl Server : System2inst2 ( My database is under inst2 instance)
SQL login : TestUser1
Password : Users123
I have Opened firewall port to access 10.108.22.19 from 10.10.225.19
While connecting the SQL server €œSystem2inst2€? from the client machine enterprise manager with the SQL authentication, I am getting error Login failed for user €œTestUser1€?
And I have noticed in the SQL server log the login attempt shows under System2 default instance ( no instance). Actually I want to connect system2inst2.
Please let me know the steps to connect.
Thanks in advance.
View 3 Replies
View Related
Jul 20, 2005
Hello everybody..Is there a way to fix the SQL Server 2000 installation when the Server afterthe server has been disjoined form its old domain and added to a new domainwith a different computer name too?Sounds like a joke, but stuff happens.TIA-arifi
View 3 Replies
View Related
Aug 24, 2006
I have been asked to move a system running MS SQL 2000 Server from a workgroup to a domain. The SQL server is running in SQL Authentication and the services are running as local system.
Will SQL Server break after the move?
Any advice will help. I thought I remember this being the case, but possibly only with Windows Authentication.
View 3 Replies
View Related
Jan 21, 2015
SSISDB 2014 - Enabling CLR - Is there are kind of security risks for enabling CLR when creating SSISDB?
View 0 Replies
View Related
Mar 30, 2006
Hi,
My server administrator has created a few users as domain user privilege for connecting SQL server from my application. However it faild to connect, and
with Domain Admin privilege, my app is running ok.
I asked admin person to upgrade domain user privilege to connect SQL server,
but he couldn't do this for security reason, and told it should work with domain user.
Is it true for domain user to connect SQL server without any problem?
Do I need to add the user, domain user, into Logins of Security inside SQL server Enterprise Manager?
Or inside users of my database section of SQL server EManager?
Thanks,
dixon
View 1 Replies
View Related
Jul 20, 2005
Hi all,Have a situation that my company has never run across before. Clientis running NT4 for the domain server, using terminal services 2000 andrunning an application with a SQL Server backend and they areexperiencing locking problems. Once one person gets locked out theneveryone trying to access that tables is also locked out as a result.It is not specific to a certain User, or module within theapplication. It's not a specific time of the day (like when a backupwould be running) and sometimes it's in the middle of the night whenthere are actually less Users on the system.We have 500 customers using this application. Most are using SQLServer backend, alot of the newer customers are using TerminalServices, and the number of Users is not accessive as compared to ourother customers. THe only difference is that I do not specificallyknow of another client with an NT4 Domain server in the mix.We actually switched to SQL Server as the recommended back end due tolocking issues using SQLBase because SQL Server is row locking andSQLBase is page locking. Since making this change we have stoppedseeing the locking for years until now. Is this a SQLServer issue orissue with the NT Domain server?Anyone have any ideas???ThanksA
View 3 Replies
View Related
Apr 4, 2007
Subject problem has me quite vexed.
I am receiving the following error when attempting to access reporting services... to sum things up real nice and tidy-
I get three login prompts - then the access denied response. It is almost as if it is unable to authenticate the user... anyway... here's the actual error response, I'd really appreciate any input/insight/resolution.
Server Error in '/Reports' Application.
Access to the path 'C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportManager�in' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path 'C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportManager�in' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[UnauthorizedAccessException: Access to the path 'C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportManager�in' is denied.]
System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) +2014163
System.IO.Directory.InternalGetFileDirectoryNames(String path, String userPathOriginal, String searchPattern, Boolean includeFiles, Boolean includeDirs, SearchOption searchOption) +1817
System.IO.Directory.GetDirectories(String path, String searchPattern, SearchOption searchOption) +36
Microsoft.ReportingServices.Diagnostics.Localization.GetInstalledCultures() +112
Microsoft.ReportingServices.Diagnostics.Localization..cctor() +66
[TypeInitializationException: The type initializer for 'Microsoft.ReportingServices.Diagnostics.Localization' threw an exception.]
Microsoft.ReportingServices.Diagnostics.Localization.SetCultureFromPriorityList(String[] localeList) +0
Microsoft.ReportingServices.UI.GlobalApp.Application_BeginRequest(Object sender, EventArgs e) +157
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +92
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.210
View 1 Replies
View Related
Jun 19, 2007
Hi.
I don't know how to change the collation in SQL Server 2000, my collation is Modern_Spanish_CI_AS, if somedoby knows the procedure to change the collation I would be thankful.
Thank you again and best regards.
Christian
View 1 Replies
View Related
Jul 23, 2005
Dear All,I have one field in my table which shows the day of the week. It isshowingSunday = 1Monday = 2Tuesday = 3But i want Monday is the first day. I know i can use DATEFIRST tochange it but it works in Query Analyzerbut when i come and see mytable it is showing the old settings. Is it possible i can change itpermanently. Any help in this regard will be higly appreciatedRegardsS
View 2 Replies
View Related
Sep 26, 2006
I'm trying to run a test from my test environment which is a non-domain Windows 2000 server to access my domain 2003 with SQL2005. I have install 2005 tools to try to access the SQL server.
- I have try following the KB265808 - no success.
- Reading alot of blogs and it seems all are pointing to the same problem. "Remote access" but the settign is enabled.Error Message:
TITLE: Connect to Server
------------------------------
Cannot connect to ardsqldatawh.
------------------------------
ADDITIONAL INFORMATION:
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=53&LinkId=20476
Question: Could Windows 2003 security be blocking access? I'm using sa account to access.
Also, sa account does not seems to work for remote access. It is ok when accessing locally.
Any help would be appreciated.
949jc
View 1 Replies
View Related
May 23, 2007
Why is it that when you change a field name is SQL Server it sometimes completely messes things up. I renamed a field in one of my tables from Emp# to EmpNumber. I had a view based on this table and naturally I knew I would have to change a view I had based on the table. I opened the view and changed the field from Emp# to EmpNumber but when I tried to open the view I got an error “Invalid column Name EMP#”. I have not been able to fix this. I have dropped and recreated the view, refreshed all the objects using enterprise manager, refreshed all the objects using Query Analyzer, shut down and restarted my computer, taken my database offline and put it back on line. The field name EMP# is not in any tables in my database and not referenced any views or procs . I am just starting on this database so I could verify this very easily because I only have a few views and procs.
Has anyone had this problem or more importantly does anyone know why this is happening or how to fix it?
View 9 Replies
View Related
Sep 28, 2007
Hi,
We have the followoing:
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master)
-A sql server 2005 on a win server 2003 in "sub domain" AD
-A linked server to "sub domain" AD
-A linked server login using a "sub domain" admin acccount
-A view to this linked server
-A grant on masterDomain/Domain Users to the database
-A grant on subDomain/Domain Users to the database
-We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts.
Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT *
FROM OPENQUERY(ADSI,
'SELECT displayname, givenName, sn, cn (etc...)
FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com''
WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
EXEC sp_addlinkedsrvlogin @rmtsrvname ='ADSI', @useself='false',
@rmtuser='subDomainAdminAccnt', @rmtpassword='sunDomainAdminAccntPassword';
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error:
Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
View 7 Replies
View Related
Mar 27, 2007
Hello...
When I migrated data from one SQL Server to another I got collection problems because collation of the target server was different from the source one.
The best solution I thought about was to change collation of the database in target server to be equal to the server collation so that when a temporary table is created, and the collation used would be the server collation, no error would occur. All sounds logic, but, after I ran ALTER DATABASE command and changed the collation of the database, I verified that all varchar fields of all database tables retained the old collation, not the new database collation I set.
Is there any way to change the collation of all fields at once when I change the database collation?
Thanks for your help
Jaime
View 1 Replies
View Related
Aug 14, 2006
I have a third-party application that requires IIS. The application will only be accessed internally by employees. What are the risks of combining IIS and SQL Server on the same server?
Thanks, Dave
View 2 Replies
View Related
Aug 14, 2007
Our network guys created a new domain as part of their migration from NT4 to active directory. They are asking us to modify our sql servers (2000) to use the new domain accounts. For example domain1/user is now domain2/user. Once this is complete the old domain will be disabled. My question is how difficult is this to accomplish in SQL? SQL has startup accounts, logins, DTS packages, Scheduled jobs, maintenance plans, etc. It seems to me that this is a major effort? Any help on the do's and don'ts would be greatly appreciated. Any articles would be helpful too. I could sure benefit from anyone who has been down this path before.
View 1 Replies
View Related
Apr 18, 2007
Hello everyone, I have searched the forum regarding this topic and have found numerous good threads about installing SQL Express on a DC. My question is, I am assuming that if installing SQL Express on a Domain Controller is not recommended, that installing the MSDE 2000 on a Domain Controller is not recommended either?
Thanks in advance to all replies!
Tim
View 3 Replies
View Related
Feb 26, 2008
Hello all,
Here I need some help or suggestions for the following topic...
I am using SQL server 2000 enterprise edition installed on the machine. Now I wanted to change the edition from enterprise to standard.
There are around 4 user databases exists on the server.
What are the areas I have to take care while doing this? Could I do as normal installation?
No log shipping implemented on the server.
Your suggestions would be very helpful to me.
Thanks in advance.
View 4 Replies
View Related
Jan 18, 2008
I'm attempting to write a script that I can execute accross 30 servers that will create a domain login and subsequently grant access to said account on all databases per server. The only problem that I'm running into is trying to dymanically create the login. Example source is below.
declare @sql varchar(1000)
declare @loginname varchar(50)
select @loginname = 'DOMAINaccountname'
set @sql = 'if not exists (select * from master.dbo.syslogins where name = N' + char(39) + 'DOMAINaccountname' + char(39) + ')' + char(10) + char(13)
set @sql = @sql + 'begin ' + char(10) + char(13)
set @sql = @sql + char(9) + 'exec master.dbo.sp_grantlogin ' + quotename(@loginname)
print @sql
exec (@sql)
Here is the generated output and the error. Any suggestions would be appreciated.
if not exists (select * from master.dbo.syslogins where name = N'DOMAINaccountname')
begin
exec master.dbo.sp_grantlogin [DOMAINaccountname]
Msg 102, Level 15, State 1, Line 3
Incorrect syntax near 'DOMAINaccountname'.
View 4 Replies
View Related
Mar 6, 2008
Based on our database infrastructure, we need to secure our SQL databases. The security issue concerns on allowing a limited number of Domain Admin users to access the SQL databases.
We tried certain ways, based on the documents in the Microsoft web site, but we couldn€™t reach to the point of preventing the Domain Admin users accessing the SQL databases.
Thanks in advance.
View 5 Replies
View Related
Aug 29, 2006
My company has recently sold a part of its business, and along with that business goes a live SQL 2000 server. However, the license for said SQL Server was not part of the sale. So, to make a long story short I've been tasked with finding a way to A) change the license key of the existing installation to the new owner's license key while B) keeping the existing installation intact and running.
Now I've done enough digging to know exactly where the key info is kept in the registry (in HKEY_LOCAL_MACHINESoftwareMicrosoftMicrosoft SQL ServerRegistration), but I'm more than a bit leery of changing the key at the registry level without confirmation that it will work. I do have a test server I can use as a test if necessary, but I'd prefer to get more feedback before I begin trials.
Thank you in advance
View 1 Replies
View Related
Apr 5, 2007
I have a root domain and child domain.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
Any ideas on how to fix this ?
View 1 Replies
View Related
