Display Data In Reports Based On Active Directory Group Membership...
Aug 9, 2007
Hello,
I am fairly new to SQL 2005 and Reporting Services.
We are trying to create a report that will display sales data based on group membership from Active Directory.
For example, if USER1 logs in and looks at a Year to Date Sales report, it will only show data that pertains to his group. If USER2 logs in and accesses the same report, it will display different Year to Date information because he is in a different group.
Background Information: We are running SQL 2005 Enterprise Edition Service Pack 2 with Analysis and Reporting Services. We are delivering the reports through a Sharepoint site.
Please let me know if anyone has a good way to tackle this.
Thanks,
Justin
View 6 Replies
ADVERTISEMENT
Jun 8, 2012
For code reuse, I am trying to get a table valued function to return users of a given AD group name. I can easily get this with hard-coding the group name. But because OpenQuery wont accept parameters, I can't insert my group name there. And because functions can't call dynamic SQL, I can't do it via dynamic sql. I have seen people do it with CLR, but I rather not go that route. I can use a stored procedure + cursor and iterate through each group and store the results into real tables and create a cache, but I rather query Active Directory itself to save space, but I rather do the caching then the CLR. Any approach I am missing on how to do this?
The following works fine:
SELECT DISTINCT sAMAccountName
FROM OPENQUERY(ADSI, 'SELECT sAMAccountName, sn
FROM ''LDAP://OU=SomeOU,OU=SomeOtherOU,DC=SomeDC,DC=SomeOtherDC''
WHERE objectCategory=''Person'' AND objectClass=''USER'' AND memberOf=''CN=SomeGroupName,OU=SomeOU,OU=SomeOtherOU,DC=SomeDC,DC=SomeOtherDC''') a
WHERE sn IS NOT NULL
The following gives me the error:
Invalid use of a side-effecting operator 'EXECUTE STRING' within a function.
CREATE FUNCTION [dbo].queryADGroupMembers
(
@group nvarchar(255)
)
RETURNS @rtnTable TABLE
[Code] .....
View 7 Replies
View Related
Mar 29, 2007
I'm not sure this is an actual reporting services question but has someone else created reports for active directory in Reporting Services
I want to create a report with users and their respective manager. I have this working in reporting services but I just want the manager name how could I strip out all the other information in the manager field??
SELECT personalTitle, manager, name, employeeid, distinguishedName
FROM 'LDAP://dc=xxx,dc=xxx,dc=xxxt'
WHERE objectClass = 'user' AND objectCategory = 'Person'
ORDER BY name
I get this as the manager name, I just want his name
CN=Smith, Kurt,OU=Financial,OU=DataControl,OU=Users-Groups,DC=xxx,DC=xxx,DC=xxx
Thank you,
View 6 Replies
View Related
Aug 30, 2007
Hi Experts,
I have a reporting scenario, where the reports are fetched from Analysis Services.
The reports should display data only spcecific to that user.
All users except those in admin roles should be validated using the Windows Authentication ID and data specific to them has to be displayed.
Any pointers/suggestions on how to implement this in Reporting services/ Analysis Services 2005 would be highly appreciated
Thanks,
View 1 Replies
View Related
May 8, 2007
Is there a way that we can tell what active directory group the person belongs to that is running the report? I know that you can detect a user id, but I need to access the Active Directory Group that they belong to.
View 1 Replies
View Related
Mar 18, 2007
How do you limit access to data based on Active Directory group membership and/or SQL Server database access?
View 1 Replies
View Related
Jul 17, 2014
Is it possible to check for Active Directory group.. ie see if the user running the Stored Proc, is in a specific Active Directory Group? Or if I set up Login's using Active Directory, can I get the Login that way... or will it give me the user's account?
View 6 Replies
View Related
Oct 1, 2015
Current: One common SQL login is being used by SQL DBA on all the servers
New Plan: Creating one windows AD group, adding the DBA's to that group and create as a login with sysadmin server access on all the SQL Server boxes
how to achieve this activity. Creating SQL login is fine but how to change the ownership of various objects, jobs to new login on all servers?
View 3 Replies
View Related
Sep 12, 2006
My question is I have a SQL Server running on Web Server which is a member of a 2000 Active Directory, I only grant access to the database via Global Groups from the Active Directory. When I log onto the database via Windows Authentication the actual user shows up in the master.dbo.sysprocesses table, I can tell what database that process is going to but not how that user is being translated to the Global Group that was actually given access. I need the actual database user name which is the Global Group name that had permissions granted via user defined database roles so that I can do some pre-processing in an ASP.NET application so that I know what parts of a form are updatable or not.
View 1 Replies
View Related
Aug 7, 2007
We are using Windows authenication within our system, and I was wondering how it would be possible to determine if the user conected to the SQL SERVER instance was a member of a particular active directory security group?
Thanks.
View 3 Replies
View Related
Jun 5, 2007
I look for and try to get data from Active Directory to MSSQL Server, but have same error:
Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT name
FROM 'LDAP://office.experter.group'
WHERE objectCategory = 'Person' AND objectClass = 'user'" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI".
for the code:
select * from openquery
(
ADSI,'SELECT name
FROM ''LDAP://office.experter.group''
WHERE objectCategory = ''Person'' AND objectClass = ''user'''
)
I create linked server:
EXEC master.dbo.sp_addlinkedserver @server = N'ADSI',
@srvproduct=N'Active Directory Services', @provider=N'ADsDSOObject',
@datasrc=N'office.experter.group'
I've changed security setting, format of LDAP. Please advise me
View 2 Replies
View Related
Apr 4, 2008
Hi,
Active Directory stores Information regarding Users, Groups & Policies etc.
Is it possible to export Complete User Information from active directory to text file?
If yes, please provide the steps. Thanking you.
View 1 Replies
View Related
May 29, 2015
How can I copy data like firstname, lastname, email from Active Directory into a SQL Server table?
View 4 Replies
View Related
Apr 6, 2007
Has anyone used this successfully from an OLEDB source component, or even from the Execute SQL Task? I've seen some examples of using a script component, but nothing that uses it through a connection manager.
View 6 Replies
View Related
Sep 29, 2015
I have an SSRS 2012 table report with groups; each group is broken ie. one group for one page, and there are multiple groups in multiple pages.
'GroupName' column has multiple values - X,Y,Z,......
I need to group 'GroupName' with X,Y,Z,..... ie value X in page 1,value Y in page 2, value Z in page 3...
Now, I need to display another column (ABC) in this table report (outside the group column 'GroupName'); this outside column itself is another column header (not a group header) in the table (report) and it derives its name partly from the 'GroupName' values:
Example:
Value X for GroupName in page 1 will mean, in page 1, column Name of ABC column must be ABC-X Value Y for GroupName in page 2 will mean, in page 2, column Name of ABC column must be ABC-Y Value Z for GroupName in page 3 will mean, in page 3, column Name of
ABC column must be ABC-Z
ie the column name of ABC (Clm ABC) must be dynamic as per the GroupName values (X,Y,Z....)
Page1:
GroupName Clm ABC-X
X
Page2:
GroupName Clm ABC-Y
Y
Page3:
GroupName Clm ABC-Z
Z
I have been able to use First(ReportItems!GroupName.Value) in the Page Header to get GroupNames displayed in each page; I get X in page 1, Y in page 2, Z in page 3.....
However, when I use ReportItems (that refers to a group name) in the Report Body outside the group,
I get the following error:
Report item expressions can only refer to other report items within the same grouping scope or a containing grouping scope
I need to get the X, Y, Z ... in each page for the column ABC.
I have been able to use this - First(Fields!GroupName.Value); however, I get ABC-X, ABC-X, ABC-X in each of the pages for the ABC column, instead of ABC-X in page 1, ABC-Y in page 2, ABC-Z in page 3, ...
View 4 Replies
View Related
Nov 6, 2001
Hi all,
Now I want get AD value(e.g file path),how can I get this value from AD?
Thanks
View 1 Replies
View Related
Nov 24, 2004
Hie,
Someone can tell me haw can i do in order to migrate my server sql to active directory.
What is the step
View 1 Replies
View Related
Jun 6, 2004
Hello,
I have recently upgraded my the server that runs SQL Server to an Active Directory Domain Controler. Now I can't connect to the SQL Server from ASP.NET Applications when the application is not located on the local machine. The error message I get is SQL Server does not exist or access is denied.
I have no problems connecting with QueryAnalyer and Enterprise Manager from my workstation. I have added the Sql Server to the directory via the "Active Directory"-tab in the Property window for my Sql Server Registration i Enterprise Manager.
If I copy a directory from the wwwroot on my workstation to the server the application has no problem to connect so the connectionstring seams to work fine.
Any ideas?
Regards,
Kalle
View 1 Replies
View Related
Nov 27, 2003
hi,
we have recently completed an upgrade to 2000 server and now have AD on our network.
How do i go about querying this from any of my SQL 2000 servers?
I have found a few websites that mention adding a linked server. I have never done this and am not sure how to query a linked server, if that is the way to go.
can anyone offer some advice please?:confused:
TIA
View 1 Replies
View Related
Sep 20, 2004
A little background, We have a DEV Server running SQL Server 2000. This is the first of many to be migrated from out NT Domain to our new AD (active directory Domain). All Domain user accounts have already been migrated.
When they migrated this first Server running SQL Server, I am getting the following error when I try to make the owner of a job (any job) run by the SQL Server Agent a domain account in the new AD - when I switch the ownership back to our old NT Domain, it works fine.
I am getting this error:
The job failed. Unable to determine if the owner (domainusername) of job testjob has server access (reason: Could not obtain information about Windows NT group/user 'domainusername'. [SQLSTATE 42000] (Error 8198)).
note that this is happening to all windows authenticated sql server accounts on this Server. All of these account are in the local Admin group on the Server.
Does anyone know what needs to be done in SQL Server to make the AD migration seemless???? I need to try and find this out before we begin migrating Production Servers. Thank you!!
View 6 Replies
View Related
Jul 12, 2001
Hi folks,
I'm try'n to find out if i need active directory for sql2000 if my primary network is running on windows2000? What are the pros and cons? Thanks!
Joe R.
View 1 Replies
View Related
Jul 22, 2004
Hi!
I want to write a trigger that add a new computer account in my active directory when I do an Insert in my MSSQL table.
I know how to use SELECTstatements using LDAP but I want to do a INSERT statement. Is that even possible?
Can you write vb code directly in SP i mssql 2000?
What I think I have to do is to have a vbscript that does the adding then call the script using exetended SP cmd execute passing the name to the script.
If someone has a another solutions please let me know!
Regards..
View 1 Replies
View Related
Nov 3, 2005
Hi there,
Is it possible to, somehow, get a specific users password from active directory? The reason I ask is that I am writing a new system and really don't want the users having to remember yet another password, but rather be able to use there network password? I would like to write the logon section myself and not use any built in functions that anything may have.
Please can someone advise. I don't think it is possible but have been asked to persue the issue.
Thanks
View 2 Replies
View Related
Sep 20, 2006
Hi,
I want to migrate my sqlserver to active directory.
Someone can tell me what is the procedure and how can i do ?
Someone have already do this migration ?
Regards
View 5 Replies
View Related
Jul 20, 2005
We are implementing Active Directory. I need to know if this will presentany issues/changes for our SQL Server 2000 servers.TIADave Edwards
View 1 Replies
View Related
Jul 20, 2005
HiI've created a stored procedure (see below) which accesses the ActiveDirectory and SQL server to get "real names" back. When I run thestored procedure in Query Analyzer it returns the expected results,however when I try to create a Web Assistant job based upon theprocedure I get the SQL-DMO message:Error 7410 Remote Access not allowed for Windows NT Useractivated bySETUSER.The procedure is being run (and the job created) as the account whichowns the SQL Server installation, and this account has AD adminpermissions.Any suggestions?CREATE VIEW dbo.vw_account_adASSELECT a.Name AS ad_name, dbo.Accounts.*FROM dbo.Accounts INNER JOINOPENQUERY(ADSI,'select SamAccountName, Name FROM''LDAP://w2k-bspad1/ ou=users,ou=bsp,DC=ad,DC=bl,DC=uk'' whereobjectcategory=''person'' ') a ONSUBSTRING(dbo.Accounts.Account_Name,CHARINDEX('', dbo.Accounts.Account_Name) + 1,LEN(dbo.Accounts.Account_Name) - CHARINDEX('',dbo.Accounts.Account_Name)) = a.SamAccountNameCREATE PROCEDURE [dbo].[usp_event_report] ASSET ANSI_NULLS ONSET ANSI_WARNINGS ONSELECT Code_Name, Account_Name + ' ('+ad_Name+')' as 'Account Name',Date_Occured, ResultFROM Usage_Codes, Usage, vw_account_adWHERE Usage.Code_ID = Usage_Codes.Code_IDAND Usage.Account_ID = vw_account_ad.Account_IDAND datepart(month,Date_Occured) = datepart(month,getdate())ORDER BY Code_Name, Account_Name, Date_OccuredGOChloe CrowderThe British Library
View 2 Replies
View Related
Oct 24, 2007
Hi there.
I have a request to build some reports that are specific to each user. Only the autheticated user should be able to see their report data and no one elses etc. How do I get data for the current autheticated user (via AD)? If this is via parameter, how do I hide the username/password in the url?
I am sure this has been done, but I couldn't find any good examples.
Thanks, Mike
View 2 Replies
View Related
Nov 19, 2007
Can someone please tell me or provide a link explaining how I can query the active directory for
usernames from sql server 2005. I'm actually creating usernames on the fly and I need to check if they already exist in the active directory. Thanks.
View 3 Replies
View Related
Apr 2, 2008
We want to use Active Directory with Oracle for User Authentication and accessing Oracle as well as storing the details in Oracle. Active Directory stores Information regarding Users, Groups & Policies etc.
We want to provide the access in Oracle for the users available in AD as well as export Complete User Information from active directory and keeping the updated information into some Oracle tables. What is the optimal method?
What configuration needed at Server/ Client End and How to do the same?
Kindly provide the steps. Please do the needful. Thanks.
View 4 Replies
View Related
Feb 6, 2008
We currently have Active Directory within our domain all Server 2003 based. We also have a SQL2005 database stand alone server (not currently joined to the domain). What we would like to do is utilize single sign on. Currently our users have to log into windows, then open an "in-house" program which asks for a different set of credentials for the SQL2005 database. How do we intergrate Active Directory login to also authenticate to the SQL database? Can we just join the stand alone SQL server to the domain, then from there add the Active Directory "security groups" into the database? Could someone point me in the right direction, thanks!
View 1 Replies
View Related
Jan 24, 2007
Is it possible to create a report in SSRS that queries Active Directory data such as user's phone extension, email address etc
What would be a good way to do this?
Thanks,
Nisha
View 7 Replies
View Related
Jun 1, 2006
Hi everybody. I have this problem: I have to access to the Active Directory of a remote server from my computer using SQL and make searches based on the LDAP of the server. Someone told me to use Add Linked Server, but I don't know how to do it with the Active Directory. Thanks for the help.
View 3 Replies
View Related
Jan 8, 2008
Need help understanding error message from CLR:
I encapsulated calls to Active Directory in a dll. This dll works very well for a call or a few calls. However when I wrote a winapp that calls many times repeatedly to this dll and consequently to DirectorySearcher, I recieve the following message after many iterations have been made: (while debugging, or in release mode same problem occurs)
Managed Debugging Assistant 'ContextSwitchDeadlock' has detected a problem in 'D:DevProjectsADQuerySysRegLoadPersGrpsSRLoadPersGrpsSRLoadPersGrpsinReleaseSRLoadPersGrps.vshost.exe'.
Additional Information: The CLR has been unable to transition from COM context 0x1a0998 to COM context 0x1a0b08 for 60 seconds. The thread that owns the destination context/apartment is most likely either doing a non pumping wait or processing a very long running operation without pumping Windows messages. This situation generally has a negative performance impact and may even lead to the application becoming non responsive or memory usage accumulating continually over time. To avoid this problem, all single threaded apartment (STA) threads should use pumping wait primitives (such as CoWaitForMultipleHandles) and routinely pump messages during long running operations.
Continue & breakAll after the above error thrown caused this system error code to be generated: H80131c25
Here's one of the subs in the dll that is causing the problem. After multiple calls to the directorySearcher, one or another call fails with the above error. (on the FindOne method here, but on the .GetDirectoryEntry method in another sub, random which one fails, it's the number of iterations that is the problem) Question I have is: Is the only way to stop this error to reduce or slow down the calls to DirectorySearcher?
Private Sub GetGroupName(ByVal GroupName As String, ByRef strDistinguishedName As String, ByRef strMsg As String)
Dim strFilter As String
Dim entry As DirectoryEntry
Try
strFilter = "(&(objectClass=group)(cn=" + GroupName + "))"
Dim myArr() As String = {"distinguishedName"}
Dim mysearchroot As DirectoryEntry = New DirectoryEntry(myLDAPPath)
Dim myDirectorySearcher As New DirectorySearcher(mysearchroot, strFilter, myArr, SearchScope.Subtree)
Dim mySearchResult As SearchResult = myDirectorySearcher.FindOne
If mySearchResult Is Nothing Then
Throw New Exception("Get Group Name: No groups by name: " & GroupName)
End If
entry = mySearchResult.GetDirectoryEntry()
strDistinguishedName = entry.Properties.Item("distinguishedName").Value.ToString
'cleanup
entry = Nothing
mySearchResult = Nothing
myDirectorySearcher.Dispose()
mySearchResult = Nothing
Catch e As Exception
strMsg = "Failed to Get Distinguished Group Name for: " + GroupName + " " + e.Message
strDistinguishedName = ""
End Try
End Sub
View 4 Replies
View Related