I have an MS Access front end that links to an sql server 2005 database. The access front end uses NT Integrated security which should authenticate and authorize users.
Unfortunately it is not working this way. I have domain users (Active Directory) which I have given permissions to on my database and have given them, say db reader or db writer previliges.
Not only do these previliges NOT work, any user that is on the network can access the database and can read/write onto it as long as he has the MS Access front end.
I'm pulling my hair (and I dont have much left) trying to figure out what I am missing.. or if I even have the whole NT integration logic right.
One point worth mentioning is that if I change the connection type to 'SQL password authentication', the MS access front end prompts for a username and password and user permissions are set just they way i have set them in sql server 2005. But the only problem with this is that any person can just go and change the connection property in the MS Access front end back to NT integration and he/she can access the database with no restrictions whatsoever.
I have trying to execute the Sendmail task in my development envinorment i face this error..I have given the clear details error message below,Please have a look.
[Send Mail Task] Error: An error occurred with the following error message: "Failure sending mail. System.Net.WebException: Unable to connect to the remote server System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions ".Alternatively i use the SMTP connection to create the subscription as well,its working properly.
Here we are accessing SMTP connection manager as Virtually.Here in my client network we are using Macafee Anti virus ,We have excluded the Rsconfigration file in the excluded list.I dont know why this problem occures again using Sendmailtask in ssis?
i know the basics about how to manipulate SQL server database, i mean the code itself, but there are few other things which i don't understand.
first, databases which i have created by my own, i can use only when i have the website itself open (i get an icon at the taskbar) but database such as 'master' which came with the sqlserver, i can acess always even without running the page with visual studio first. i have no idea why.
also, when i try to connect my website using my ip, i can only do it with the master database.. those i created by my own i can only connect when i enter the URL page as localhost.
I don't understand what's USER INSTANCE for and how do i really set a database username and password
can someone exaplin a little? thanks, because i am very confused .
I have a quick question, Can i access the SSIS services of a Server from a remote server using Sql Server management studio.
I'm trying to access a third DB server and i can access it using Sql server management studio with sa and password but the integration services aren't there and when i try to explicitly connect to it, it is not connecting
Any ideas?
P.S: Can any of you recommend a very good book as I've done some work with it but it seems i might be the one doing more work with BI from now on as the organisation is not going to appoint anyone else in this position.
Hi: I'm trying to connect to a data base of "sql server 2005 enterprise" named BCR.The server name is "server1"I'm using Windows Authentication to connect to serverThe operating system is Windows Server 2003 Enterprise Edition Service Pack 1 When I run the aspx I get this error at line 21 System.Data.OleDb.OleDbException: Invalid authorization specification Invalid connection string attribute at System.Data.OleDb.OleDbConnection.ProcessResults(Int32 hr) at System.Data.OleDb.OleDbConnection.InitializeProvider() at System.Data.OleDb.OleDbConnection.Open() at ASP.pruebaLeeSqlServer_aspx.__Render__control1(HtmlTextWriter __output, Control parameterContainer) in Z:DigitalpruebaLeeSqlServer.aspx:line 21 This is my code: Dim str2 As String = "Provider=SQLNCLI; Server = server1; Database = BCR"Dim cnn2 As OleDbConnection = New OleDbConnection(str2)Dim cmd2 As New OleDbCommand()Dim drd2 As OleDbDataReaderTry cnn2.Open() cmd2.Connection = cnn2''''''''''''''''''''''''''''''''''''''''''''''''''''line 21 cmd2.CommandText ="SELECT LastName FROM Employees" drd2 = cmd2.ExecuteReader Do While drd2.Read %> <%=drd2.GetString(0)%><br> <% Loop drd2.Close()Catch exc1 As Exception %> <%=exc1.ToString()%> <%Finally cnn2.Close() End Try What could be wrong?Do I need enable permission for asp.net in sql server?how I can do it? Thanks!!
I have a web application (ISAPI) that accesses a SQL Server 2000 (sp3) database in the same machine as the Web Server (IIS 6). Windows 2003 Standard Edition is the operating System. So, when users access the aplication through the web it runs ok until display the error message "Invalid authorization specification" or, sometimes, another message about failure to inform ODBC DSN, although I dont use ODBC.
When the error occurs, the user press F5 in the browser and the operation goes ok. It's an intermitent and curious error.
I am trying to develope a authorization matrix for cpmpany of 75 employees, with different roles and permissions for roles to some applications like CRM , diiffrent folders,databases etc. I tried to find some informaton about this auhtorizaion matrix.
I'm trying to connect to a data base of "sql server 2005 enterprise" named BCR. The server name is "server1" I'm using Windows Authentication to connect to server The operating system is Windows Server 2003 Enterprise Edition Service Pack 1
When I run the aspx I get this error at line 21
--------------------------------------------------------------- System.Data.OleDb.OleDbException: Invalid authorization specification Invalid connection string attribute at System.Data.OleDb.OleDbConnection.ProcessResults(Int32 hr) at System.Data.OleDb.OleDbConnection.InitializeProvider() at System.Data.OleDb.OleDbConnection.Open() at ASP.pruebaLeeSqlServer_aspx.__Render__control1(HtmlTextWriter __output, Control parameterContainer) in Z:DigitalpruebaLeeSqlServer.aspx:line 21
------------------------------------------------------------------ Dim str2 As String = "Provider=SQLNCLI; Server = server1; Database = BCR" Dim cnn2 As OleDbConnection = New OleDbConnection(str2) Dim cmd2 As New OleDbCommand() Dim drd2 As OleDbDataReader Try cnn2.Open() cmd2.Connection = cnn2''''''''''''''''''''''''''''''''''''''''''''''''''''line 21 cmd2.CommandText ="SELECT LastName FROM Employees" drd2 = cmd2.ExecuteReader Do While drd2.Read %> <%=drd2.GetString(0)%><br> <% Loop drd2.Close() Catch exc1 As Exception %> <%=exc1.ToString()%> <% Finally cnn2.Close() End Try ------------------------------------------------------------------
What could be wrong? Do I need enable permission for asp.net in sql server? how I can do it?
i want to implement authorization with windows authentication and don'thave the slightest clue of how to do this implementation. the basicwindows authentication for this .NET application is already setup. myproblem lies within my inability to manipulate the username captured inthe authentication process and my knowledge of how IIS is involved.specifically, i have the following questions:1) what object(s) can be used so that the user's username can bemanipulated for the authorization process?2) in order to apply roles, do the users need to be placed in groups inIIS? if so, how does this work?3) is all the code that the application uses for roles in web.config?or does global.asax play a role in this matter?4) does the web.config file know to communicate with IIS because theauthorization type is set to windows?5) once authorization is in place, can a section of an .aspx file bevisible to a group or can only entire files be secured for a group?as you can see, i'm trying to figure out the relationship betweenauthorization and windows authentication so any help would beappreciated.thanks,johne: Join Bytes!
We are testing our product on Windows Vista with SQL Server 2005 SP2 and are encountering an "invalid authorization specification". We make the connection through a Windows service using a standard ADO connection. I have tried changing the provider in the connection string to SQLNCLI without any success. The application is written in Delphi 5 and has worked on previous versions of Windows running SQL Server 2005.
I know I'm missing something obvious and most likely just need some sleep to figure it out,but I'm trying to finish a block of auditing code off to hit a deadline. I can't figure out why I get an error when I try to do the following:
CREATE USER audituser WITHOUT LOGIN
GO
CREATE SCHEMA audit AUTHORIZATION audituser
GO
EXECUTE AS USER = 'audituser'
GO
--Create new, flexible audit structure
CREATE TABLE audit.AuditTable
(AuditID int identity(1,1),
TableName sysname NOT NULL,
AuditAction char(2) NOT NULL,
RowData xml NOT NULL,
AuditDate datetime NOT NULL CONSTRAINT df_table1_audit_editdate DEFAULT (getdate()),
AuditUser varchar(30) NOT NULL CONSTRAINT df_table1_audit_edituser DEFAULT (suser_sname()),
The user and schema are created properly. audituser is the owner of the schema and therefore should have the authority to do anything at all within the schema. However, the create table statement is failing and saying CREATE TABLE permission denied. Why?
I have an application in C# in which i have few events like download,Import and I have written all the code for that and its working fine but I have to schedule these processes so that I need not to run it manually daily. I am trying to write an Integration services package through which I could handle the required event, without rewriting the whole code.
Hi Guys Hoping that someone out there is able to give me some help on this one
I am trying to install SQL Server 2005 developer Edition on to a new laptop that is running Windows vista home premium edition
However after running the install and then trying to run the Service Pack 2 it producing an error saying that the windows authorisation is not valid and not using named pipes protocol. After some searching and googling I have checked all the option that I can see like that my login to the windows environment is the administrator which its is but from there I still am unable to log
Any Ideas people, or is this a known problem that I am just not seen
Hello,I have an SQL Server 2005 database that I'm trying to create using script.Everything works fine, but when I click on "Database Diagrams" I get anerror message that there is no database owner, and of course when I show theDatabase Properties, the database was created without one. Is there any wayto ALTER AUTHORIZATION to a default owner or system administrator, somethingvalid?Any direction would be appreciated.Thanks!Rick
I am in the planning phase of building a Form Authenication Report Server project. The database contains the Role information for each report and for each user. The objective is to authenicate and authorize user so that only the authorized reports are available for the current user to view.
Base on my research these are my plans.
1. Deploy Reports onto the Report Server 2. Put Reports in folders to group different types of report (I am not sure is it possible to only the display authorized reports for the current user) 3. Design the custom Security extension to authenicate and authorize using the database
1. Is it possible to only display authorized reports for the current user to view by doing custom security extension?
For custom authorization, I am overwriting the CheckAccess method.
But how do I know what I am trying to access in CheckAccess method? I need to know what report the check access method is trying to execute for our requirements.
I need to enable digest authorization on an HTTP endpoint, because the integration tools for some java code that needs to connect to it does not support NTLM or kerberos - only digest and basic. I setup a test endpoint in order to test only digest authorization (as opposed to the final endpoint which needs both digest and integrated), but I can't even get that to work - when I point my browser to it to see the wsdl it pops up with the login box, but the login always fails.
I have the feeling I'm missing some very minor piece that will just make the whole thing work. Below are some log entries as well as the script to create the test endpoint I'm hitting. Any ideas are very welcome, I've banged my head on this one for far too long.
SQL Server error logs shows a "Error: 26026, Severity: 14, State: 1" entry followed by a "HTTP authentication failed" entry.
Event Log Security entry on the server:
Logon Failure:
Reason: An error occurred during logon
User Name: MyUserName
Domain: mydomain
Logon Type: 3
Logon Process: WDIGEST
Authentication Package: WDigest
Workstation Name: -
Status code: 0xC000006D
Substatus code: 0xC00000FE
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -
Test endpoint script:
CREATE ENDPOINT [DigestTest]
STATE=STARTED
AS HTTP (PATH=N'/DigestTest', PORTS = (CLEAR), AUTHENTICATION = (DIGEST), SITE=N'SRV001',
I got authentication to work without too many problems, and it authenticates by querying my custom table. I want to also maintain my authorizations in the same manner. I want to be able to define in my own tables that user test1 has permission to view reports 1, 3, 5, and 8. User test2 can view reports 1,3,5,8, and 9. User test3 can view 1, 2, and 4. Etc.
The authorization extension, contained in my version of Authorization.cs is where I expected to be able to do this. I wanted to be able to write code that queries my own tables and says, "does this user have permission to view this item?" Getting the this user portion is easy as is obvious in the many checkAccess methods. But being able to tell what item I am currently dealing with has proved impossible from the context of Authorization.cs, which implements IAuthorizationExtension. Knowing what type of item I am dealing with is obvious, but I need to know something that uniquely identifies the exact item I am dealing with.
How can I determine in checkAccess or any of the other available methods what "thing" they are looking at? What can I examine to determine that for instance this particular authorization request is against "Report 1"? It seems that if I was allowed to completely override Authentication to use my tables, I should be able to override Authorization to do the same. Is this possible or am I missing something?
I need to create a Crystal Report based on a SQL Server database. However, life is never that easy
The report needs data to be taken from the database, manipulated and reported upon. Doing this manipulation within CR will make the report take far too long to produce so I thought I would create a temporary table within SQL Server and manipulate that.
Cannot get Create Table permission!
Plan B is to use VB / ADO to extract the data (about 1 million rows) from SQL Server and write it to a local Access database that I can manipulate as much as I want. Crystal Reports can then report on the Access data.
Questions: Is this the best way to go? I know how to use ADO to connect to n Access database but how do I connect to a SQL Server database? I think I will need to write a single Select to build the SQL Server recordset but will I need to write each row individually, using a Do Unitl loop, to get the data into the Access recordset?
I have followed the instructions in this topic: http://msdn2.microsoft.com/en-us/library/aa337083.aspx and I have read Kirk Haselden's blog post on the subject (which contains the same info) and I still CANNOT manage to grant non-administrators the ability to access an IS server. They constantly get the Access is Denied error. Has ANYONE actually gotten this to work? If so, could you please share what you did?
I have a little problem with my IS Server. I am using Windows Server 2003 64bit and IS 9.0.1399. I have two named instances for databases.
I am able to connect to Intergration Services just with the Servername (no Instance Name) and I see the folders in there. When I try to open the MSDB Folder (under "Stored Packages") I get the following exeption: "Failed to retrieve data for this request ...." and Additional informations: "Login timeout expired ....."
I am of corse administrator, so permission will be ok ...
Does anyone have a good starter's tutorial on authorization advice & configuration for SQL Server 2005?I need to know what is adviced what web users can specifically do and dont in my db, and how to configure that...Thanks!
a customer is getting on mS SQL 2000ERROR ODBC 28000 Invalid authorization specificationI dont understand because all the rigth are OKASP NET USER, IISS user and so on !i am trying to connect the to SQL from ASPX pages (it works for me and a few customers but not that one)what can be the problem ?thank you
Hi,I have just reinstalled Reporting Services on win 2003 server that wasadded to a domain and has been renamed. Two strange things happen:1) In IE I am prompted for an ID and password with a basic securityprompt.2) After supplying the credentials I get some of the report manager webpage but it has a 401 error instead of the folder and options to manageprojects.The page looks like this:ErrorThe request failed with HTTP status 401: Unauthorized.HomeThe reporting services error log contains the following error:Unknown!ui!ed8!2/9/2005-20:44:32:: v VERBOSE: Usermap'<Users><User><Name>DOMAINAdministrator</Name><Paths><Path>/reports/Home.aspx</Path><NrReq>1</NrReq></Paths></User></Users>'Unknown!ui!a24!2/9/2005-20:44:33:: v VERBOSE: Usermap'<Users><User><Name>DOMAINAdministrator</Name><Paths><Path>/reports/Pages/Folder.aspx</Path><NrReq>1</NrReq></Paths></User></Users>'Unknown!ui!a24!2/9/2005-20:44:34:: e ERROR: The request failed withHTTP status 401: Unauthorized.Unknown!ui!a24!2/9/2005-20:44:35:: e ERROR: HTTP status code --> 500I have not changed any of the config files that are installed.Thanks for any help in advance,Eric
I've been trying to connect to my local SQL Server instance (SQL Server 2005) using the SQLNCLI interface from c++ without success. I consistently receive an 'Invalid authorization specification' error (SQL state 28000 and SQL error number 0) when I call IDBInitialize::Initialize to connect to the database. I was hoping someone here could shed some light on this and help me out.
The strange thing is that I get no error if I leave the user blank (L"" in vValue.bstrVal) and try to connect. Also, IDBProperties::SetProperties returns 0 when the user is blank but 40eda when the user is set. This seems to be a message from the pipeline facility but I haven't found the description of the code (0xeda).
The user in the database is configured with no password and I can successfully connect to the server and open the database using that user through Management Studio.
I've also tried using the SQLOLEDB provider with the same results.
Suspecting that I'm setting the properties wrong I include a code snippet below showing how I'm setting the properties:
for (int i = 0; i < sizeof(dbprop) / sizeof(dbprop[0]); i++) VariantInit(&dbprop[ i ].vValue);
// Server name dbprop[0].dwPropertyID = DBPROP_INIT_DATASOURCE; dbprop[0].vValue.vt = VT_BSTR; dbprop[0].vValue.bstrVal = SysAllocString(L"localhost"); dbprop[0].dwOptions = DBPROPOPTIONS_REQUIRED; dbprop[0].colid = DB_NULLID;
I am getting access denied error "cannot connect to server" while trying to connect Integration Services. I am trying to connect from my laptop to the SQLSERVER database server.
I followed the document "Connecting to a Remove Intergration Services Server" , doc id: aa337083.
But I can connect to IS if I log remotely to the server.
Any thoughts on this ?
Thanks
-Rajesh
I am getting following errors.
===================================
Cannot connect to cvsslmdd1-vm.
===================================
Failed to retrieve data for this request. (Microsoft.SqlServer.SmoEnum)
------------------------------ For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&LinkId=20476
------------------------------ Program Location:
at Microsoft.SqlServer.Management.Smo.Enumerator.Process(Object connectionInfo, Request request) at Microsoft.SqlServer.Management.UI.VSIntegration.ObjectExplorer.ObjectExplorer.ValidateConnection(UIConnectionInfo ci, IServerType server) at Microsoft.SqlServer.Management.UI.ConnectionDlg.Connector.ConnectionThreadUser()
===================================
Connect to SSIS Service on machine "cvsslmdd1-vm" failed: Access is denied. .
------------------------------ Program Location:
at Microsoft.SqlServer.Dts.Runtime.Application.GetServerInfo(String server, String& serverVersion) at Microsoft.SqlServer.Dts.SmoEnum.DTSEnum.GetData(EnumResult erParent) at Microsoft.SqlServer.Management.Smo.Environment.GetData() at Microsoft.SqlServer.Management.Smo.Environment.GetData(Request req, Object ci) at Microsoft.SqlServer.Management.Smo.Enumerator.GetData(Object connectionInfo, Request request) at Microsoft.SqlServer.Management.Smo.Enumerator.Process(Object connectionInfo, Request request)
===================================
Connect to SSIS Service on machine "cvsslmdd1-vm" failed: Access is denied. .
------------------------------ Program Location:
at Microsoft.SqlServer.Dts.Runtime.Wrapper.ApplicationClass.GetServerInfo(String bstrMachineName, String& serverVersion) at Microsoft.SqlServer.Dts.Runtime.Application.GetServerInfo(String server, String& serverVersion)
I am having trouble finding the correct syntax to access a variable. I have a variable defined in the Variables window: The variable name is formatedDate. The DataType is String.
I am successfully setting the value of the variable in a Execute SQL Task. The SQL is as follows:
SELECT LEFT(CONVERT(VARCHAR, MAX(ReportDate), 120), 10) as formatedDate from DimReportDates
The Result Set is set to “Single Row” and properly set up.
No problem so far. I can see with a watch that the variable has the correct value, something like:
‘2015-09-30’
Now, in a subsequent step, a Data Flow Task, I want to access the variable. Actualy it is in the SQL statement of a OLE DB source in the Data Flow… I have the following:
I have a vb 6 program that has been running for several years against a 6.5 db. I convert the db to 2000, and now when I repoint the software to the 2000 db, I get "Invalid Authorization Specification" when I try to open the connection. The connection string is:Dim conn As ADODB.ConnectionSet conn = New ADODB.Connectionconn.Open "Provider=SQLOLEDB" & _ ";Data Source=" & sServer & _ ";Initial Catalog=" & sDB & _ ";User Id=" & goProcess.UserID & _ ";Password=" & goProcess.Password & ";"All of the variables are filled out correctly, when I go against a 6.5 it works, Sql Server 2000 doesn't.
When I try to connect to "Integration services" in "SSMS" with my window authentication, for some servers can able to connect. But for some server i am getting error like "Access denied".
To fix these Access Denied, as per instruction from google, i have configured the Administrative Tools-->Component Services->Component Services-->Computer-->My Computer-->DCOM Config-> Microsoft SQL Server Integration Services 11.0--> Right Click-->Properties-->navigate to “Security”--> then adding the Active direcotry login in the "Launch and Activation Permissions", "Access Permissions" and "Configuration Permissions".
Then this issue was fixed. I want to know why this was happening to some servers only, what is the reason behind this.
I have a little problem with my IS Server.I am using IS 9.0.1399 (SSIS 2005).I have one instance for databases.I am able to connect to Integration Services just with the Servername (no Instance Name) and I see the folders in there.When I try to open the MSDB Folder (under "Stored Packages") I get the following exeption:
"Login timeout expired/An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections.SQL Network Interfaces: Connection string is not valid [87]."
Is it possible to access a Derrvied Column from an OLE-DB Command? I have to Update a Table with a join and i need from the source Table columns which have to be pivoted before i can use it in the update Command.