Any help will be appreciated.
To clarify few things I have no previous MS SQL experience, did some Oracle and MySQL work.
I will have to move one Win 2000 server with MS SQL 2005 running one database to our AD 2003 environment. I was wondering if anybody already went through that kind of scenario, and what was the procedure.
Thanks
I am trying to find resources of comsiderations / steps to take when changing a sql server instatnce's domain, the name will be the same but it is being moved to a new domain.
One thing i have realised is that replciation must be completely removed and reconfigured , since the sunscriber / distributor are all going to the new domain.
replcation still obviously referencing the old domain.
But what are all the other things that may be affected. A link to an article with details of how to move a sql server 2005 instance to a new domain would be great i just cant find one.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
1. How could I change the Domain within SQL Server. 2. When the NT Server changed to a new domain, Does the SQL server change also? Could someone help me. Thank you.
I have a client who we are upgrading from ms sql 7 to 2000. At the same time we are doing this, we are moving off an old domain, and old servers.
When I try to use DTS to move the whole database, it fails becaue the users don't exist on the new domain ( ie.. olddomainjay is not a user. That user is now newdomainjay).
What can I do to migrate the databases and not the permissions?
Our network guys created a new domain as part of their migration from NT4 to active directory. They are asking us to modify our sql servers (2000) to use the new domain accounts. For example domain1/user is now domain2/user. Once this is complete the old domain will be disabled. My question is how difficult is this to accomplish in SQL? SQL has startup accounts, logins, DTS packages, Scheduled jobs, maintenance plans, etc. It seems to me that this is a major effort? Any help on the do's and don'ts would be greatly appreciated. Any articles would be helpful too. I could sure benefit from anyone who has been down this path before.
Within our Exchange Environment we use Blackberry. Our Blackberry Server is using SQL Server 2005 Express. We're migrating from Exch 5.5 to Exch 2003 (new server for 2003). Now the new Exch Server is in our new Active Directory Domain to which is not named the same as our NT Domain for obvious reasons.
Anyway, after I decomission the 5.5 Exch Server, I want to rename the Blackberry Server and move it to the new domain. Will SQL Server 2005 Express squak at me for doing this??
Hi All, I would like to rename a login SAMPLE-ITean to NEWDOMAINean, but i get this message: "The name change cannot be performed because the SID of the new name does not match the old SID of the principal."
the command is : alter login [SAMPLE-ITean] with name=[NEWDOMAINean] server is sql2005 std (initial base)
what can i do ( there are lot of db on this instance and there are lot of instance where I have to change the domain of the user...) ... and there are lot of user whom I have to change it...:-(
Hi everyone, We currently have a server running SQL server 2000 and 2005 instances on our domain. The servers are used for a couple of different applications. Our network manager is implementing a domain change in the next few months, but isn't familiar with SQL servers. I was wondering if anyone knew about any possible issues with changing the domain the database server machine is connected to. The computer name won't change, and neither will the server instances. Many thanks in advance for any ideas / help on this
Is there a way to change a logins based on domain users, we just changed domains so all the domainlogin logins are not working anymore. Do I have to reapply every security on every database object? There has to be a fix for this, its a common thing.
Any help is greatly appreciated, everything i googled applied to SQL Server 2000 and system tables that dont exist in 2005
Hello everybody..Is there a way to fix the SQL Server 2000 installation when the Server afterthe server has been disjoined form its old domain and added to a new domainwith a different computer name too?Sounds like a joke, but stuff happens.TIA-arifi
For the past couple of days, I have been trying to get my SQL Server to work with Distributed Views. I am created linked servers, linked server logins, set XACT Abort ON.
I am successful in running a select against the distributed view, but was unable to run an "INSERT"
When I try a simple insert, the query took 3:14 minutes. Then I get an error message like:
Server: Msg 7391, Level 16, State 1, Line 1 The operation could not be performed because the OLE DB provider 'SQLOLEDB' was unable to begin a distributed transaction. [OLE/DB provider returned message: New transaction cannot enlist in the specified transaction coordinator. ] OLE DB error trace [OLE/DB Provider 'SQLOLEDB' ITransactionJoin::JoinTransaction returned 0x8004d00a].
I have checked that MSDTC is running and configured under a domain account on both machines - running sQL 2000 and win2K
I have been unsuccessful still after tinkering for several days. I have checked my network configurations and noticed that when I try to ping the other machine by name, I don't get a response. I can only get a response to a ping when I enter the IP address directly.
Could this be a problem? Also, I noticed that for some strange reason, whenever I ping from either machine it is showing an external IP - always the same one no matter which computer name I try to ping. Something like 209.xxx.xxx.xxx instead of the 192.xxx.xxx.xxx that I expect.
Finally, I thought that problem was possibly due to incorrect Active Directory configuration. I tried to remove both machines from the domain by changing them to a workgroup "TEST" instead of the domain.
When I restarted the PC, I am unable to start SQL Server. It shows the Red Stop sign. When I try to start it, it gives an error like: Service could not start because one or more dependencies failed.
When I add the machine back to the domain, SQL server starts working on reboot.
We have 2 node sql 2012 cluster and we have a scenario where domain,IPs,Hostanmes and SQL network name are changing.
1> Can SQL cluster role be brought online by changing the sql network name and its IP once windows team reconfigure the OS cluster or there will be any challenges.
2>should I uninstall sql cluster on both nodes then windows will destroy OS cluster and they then they need to change IP,hostname and domain and then fresh installation of sql cluster
I've selected a domain-based attribute for one of the leaf member attributes in the same entity, aka parent id, since it's a self-referencing entity. However, I cannot find a way to display anything but the code value in the drop-down (see below).
Is there a way to change the display value so that I can choose the attribute from the entity from which I want the user to choose? In other words, I would like to display the hierarchy name instead of the code, which is really just the primary id.
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master) -A sql server 2005 on a win server 2003 in "sub domain" AD -A linked server to "sub domain" AD -A linked server login using a "sub domain" admin acccount -A view to this linked server -A grant on masterDomain/Domain Users to the database -A grant on subDomain/Domain Users to the database -We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts. Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT * FROM OPENQUERY(ADSI, 'SELECT displayname, givenName, sn, cn (etc...) FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error: Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
we recently migrated from our in-house domain to the Enterprise domain. Everything went smooth except for the fact that I can no longer accept my dBs using my SA or my domain admin account. There is only 1 account I can get into the management studio with but it has no admin privileges, so I can't make any password changes or add accounts. I don't have a test environment so kind of hesitant to experiment with our production system.
I recenly installed SP1 on 2 servers. For some strange reason I am unable to run the SQL service or the SQL Agent service using the normal SQL service domain account. It has always worked and is currently running on the other server without a problem.
I know it's not possible, I've read the KBs. But I don't understand why not - from my testing, it looks like the only things that break are the domain groups to which the service logins are added. The service logins can be changed, as can the IPs, and SQL starts up just fine. The only problem is the domain groups.
I saw this KB:
http://support.microsoft.com/?kbid=910708
which says this:
After you install a SQL Server 2005 failover cluster, you can change the service accounts, but you cannot change the domain groups. If you want to use different domain groups, you must uninstall and then reinstall SQL Server 2005.
But it doesn't elaborate, it just says that the groups cannot be changed. Why not? That seems silly to me - it's not just a line in a config file somewhere? Can someone please give me a good reason why the groups cannot be changed?
I currently have replication (transactional) set up within my domain successfully using 2000 and 2005. I need to start replicating to a hosting center for a web app from my server out on the DMZ. I can use SSIS and SMS to connect, update data, etc. but when I try to replicate out there it gives me the following errors:
1. Tells me it needs a named instance so I give it the hosted server name : ABC123
2. Then I get the following:
TITLE: Connect to Server ------------------------------
Failed to connect to server ABC123. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
Attempting to link Access 2003 to SQL 2005, there is something keeping from doing so.
1 I setup the instance as sqlexpress.
2 I have a database shell there also.
3 It connects when I start the instance service.
4 My remote connections are configured to handle TCP/IP & Named Pipes.
Not in this order, but you get the idea. Now that I have these in place, I went first to the Access 2003 database to link the tables to this. When I came accross trouble in the form of need for a DSN to the domain for the things I created above.
In attempting to create one that looked functional, I came back to the same step. But, unsuccessful to link the tables again because browsing to that domain does not even show that particular file. This is the problem.
I do believe that once I am able to select a DSN, I will have a "healthy baby connection". I will then be the proud father of my first Server-side database setup!!!! But I am trying to get over these labor pains.
Currently we run a certain instance , agent under local system on a server.
I want to create specific domain accounts for the sql server service and agent, now i know that one should create these accounts with the least priviledge for security reasons.
cannot find the topic in BOL, can some please give me the BOL topic or a link to exactly what the least priviledge is for the domain accounts for sql server services.
I would like to install SQL server 2005 cluster on Windows 2003 cluster. Is domain controller (AD and DNS) necessary for the SQL server 2005 cluster? If yes, may I install it on one of the SQL server 2005 cluster nodes? Thanks in advance
Hi! I am trying to establish connection from different domain using ODBC driver with no luck! I am able to do it within my domain from any place, but it fails from outside. I have two-ways trust established between domains. Users are able to see and use resources both ways. When I create ODBC it doesn't matter if I use SQL or Windows NT authenctication, I am getting error:
Connection Failed: SQLState: '01000' SQLServer Error: 11004 [Microsoft][ODBC SQL Server Driver][TCP/IP Sockets]Connection Open (getbyhostname()() ) Connectio Failed: SQLState: '08001' SQL Server Error: 11
I tried to set it with TCP Static Port or Dynamic. No difference. What should I look into?
I have an xp dev machine i use which has sql server 2005. I skipped installin sp1 on sql server and went to sp2 directly. I tried over and over again but getting following errors. Not sure how to fix it.
Product : Database Services (MSSQLSERVER) Product Version (Previous): 1399 Product Version (Final) : Status : Failure Log File : C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGHotfixSQL9_Hotfix_KB921896_sqlrun_sql.msp.log Error Number : 29528 Error Description : MSP Error: 29528 The setup has encountered an unexpected error while Installing Local Groups. The error is: A member could not be added to or removed from the local group because the member does not exist.
---------------------------------------------------------------------------------- Product : Analysis Services (MSSQLSERVER) Product Version (Previous): 1399 Product Version (Final) : Status : Failure Log File : C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGHotfixOLAP9_Hotfix_KB921896_sqlrun_as.msp.log Error Number : 29528 Error Description : MSP Error: 29528 The setup has encountered an unexpected error while Installing Local Groups. The error is: A member could not be added to or removed from the local group because the member does not exist.
---------------------------------------------------------------------------------- Product : Reporting Services (MSSQLSERVER) Product Version (Previous): 1399 Product Version (Final) : Status : Failure Log File : C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGHotfixRS9_Hotfix_KB921896_sqlrun_rs.msp.log Error Number : 29528 Error Description : MSP Error: 29528 The setup has encountered an unexpected error while Installing Local Groups. The error is: A member could not be added to or removed from the local group because the member does not exist.
After going into detailed log file i noticed this account its trying to use,
MSI (s) (A8!54) [17:13:45:891]: PROPERTY CHANGE: Adding SQLBROWSERACCOUNT property. Its value is 'PHXNT1ADMINISTRATOR'.
MSI (s) (A8!54) [17:13:45:907]: PROPERTY CHANGE: Adding AGTACCOUNT property. Its value is 'PHXNT1ADMINISTRATOR'. Restored account SQLBROWSERACCOUNT=PHXNT1ADMINISTRATOR MSI (s) (A8!54) [17:13:45:907]: PROPERTY CHANGE: Adding SQLACCOUNT property. Its value is 'NT AUTHORITYSYSTEM'. Restored account AGTACCOUNT=PHXNT1ADMINISTRATOR
MSI (s) (A8!84) [17:13:48:109]: PROPERTY CHANGE: Adding Rollback_sqlGroupMember.D20239D7_E87C_40C9_9837_E70B8D4882C2 property. Its value is '100Installing Local Groups50000SQLServer2005SQLBrowserUser$PHOENIXDEV2PHXNT1ADMINISTRATOR'.
MSI (s) (A8!84) [17:13:48:343]: PROPERTY CHANGE: Adding Do_sqlGroupMember.D20239D7_E87C_40C9_9837_E70B8D4882C2 property. Its value is '110Installing Local Groups50000SQLServer2005SQLBrowserUser$PHOENIXDEV2PHXNT1ADMINISTRATOR'.
my domain was upgraded from nt to 2003 long time ago from phxnt1 to phxad1 which i dont know why it still try's to use the old account. The old domain is still online would this cause this problem not sure.
I'm attempting to write a script that I can execute accross 30 servers that will create a domain login and subsequently grant access to said account on all databases per server. The only problem that I'm running into is trying to dymanically create the login. Example source is below.
declare @sql varchar(1000)
declare @loginname varchar(50)
select @loginname = 'DOMAINaccountname'
set @sql = 'if not exists (select * from master.dbo.syslogins where name = N' + char(39) + 'DOMAINaccountname' + char(39) + ')' + char(10) + char(13)
I am installing SQL Server 2005 on a server (Windows Server Enterprise Edition 2003 SP2) that is not domain controller and on the screen "Service Account" I checked the box "Customize for each service account" and typed a domain account (it has permission to "logon as a service"), its password and domain, and when I click the "Next" button, I am getting the error below:"SQL Server Setup could not validate the service accounts. Either the service accounts have not been provided for all of the services being installed, or the specified username or password is incorrect. For each service, specify a valid username, password, and domain, or specify a built-in system account. "
I have a SQL Server 2005 Express edition instance set up on one server, and IIS on another server.
The SQL Server process account is a domain user account, which I have added to the local groups that SQL Server created during installation (I originally used a local user account instead of domain account; however, the problem occurs with both).
SQL Server runs fine, and if I set my IIS application pool identity to a domain admin, my web app can access the database and retrieve the data necessary.
However, I have a domain user account that I want to use to run the app pool and retrieve the data. The domain user account is added to the IIS_WPG group on the web server. On the database server, I have created a login for the account, as well as added it to the db_datareader role of the database that is used for the site.
However, the user is not able to connect to the SQL Server. I get the "Login failed for user <user account>" error in ASP.NET. I also tried connecting with SQL Server Management Studio, and I get the same error. I checked and the user has connect permission to the database server.
With admin accounts, there are no problems logging in, etc.
Any pointers are appreciated,
Thanks,
SA.
Edit: I was able to find out that the State is 11 for the error. According to http://blogs.msdn.com/sql_protocols/archive/2006/02/21/536201.aspx, this indicates "Valid login but server access failure." I am not sure how to resolve this.
I have DBA that is convinced that they need domain admin rights to install SQL 2005 into an existing cluster. The domain groups and service accounts for SQL have been created already. Is having domain admin rights required during the install of SQL 2005 in a cluster?
I'm trying to run a test from my test environment which is a non-domain Windows 2000 server to access my domain 2003 with SQL2005. I have install 2005 tools to try to access the SQL server.
- I have try following the KB265808 - no success. - Reading alot of blogs and it seems all are pointing to the same problem. "Remote access" but the settign is enabled.Error Message:
TITLE: Connect to Server ------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=53&LinkId=20476
Question: Could Windows 2003 security be blocking access? I'm using sa account to access.
Also, sa account does not seems to work for remote access. It is ok when accessing locally.
Can anyone help me with a problem I have with SSRS 2005? How do I configure SQL Server 2005 Reporting Services to deliver subscription e-mails to addresses external to my windows domain?
I've been having trouble configuring the Report Server e-mail delivery component to send subscription e-mails to addresses outside the domain on which the report server is hosted.
For e.g. since my local windows domain is named "smartsystems.com", I have found that the Report Manager does not have any problems sending subscription mails to "eawagu@smartsystems.com" but throws up an error whenever I include "eawagu@yahoo.com" in the recipients' list.
Hi all,it happen to me a strange problem:i have a mdb file (in Access 2K) with SQL Server 2K linked tables whoruns on a workstation which is on a different domain that the SQLServer. It works.If i create a mdb file from a workstation which is a the domain of theSQL Server and then i run it a my non-domain workstation i have errormessage:Login failed for user '(null)'. Reason: Not associated with a trustedSQL Server connectionBut if i reattached my tables it works.If someone have an idea....PS: same ODBC on both machines