MSSQL Server 2005 Reported Account Locked Out For User 'sa'
Nov 29, 2006
Greetings,
I receive an error message in event log when i try to connect to the Database Server using ODBC on a client machine. The database server is running on Windows 2003 Server Standard Edition and the client machine is Windows XP Professional. Following is the error message from the event log:
2147467259 - [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'sa' because the account is currently locked out. The system administrator can unlock it.
What causes the error to occur and how to resolve it?Appreciate for your assistence.
Who needs to invoke the jobs in SQL05? Manually executing the job import_myteam as a user with dbo privileges fails. So, which user account should be assigned to successfully run scheduled jobs (ie, dbo)?
The package file for the job in question is located in the server€™s C:Documents and SettingsuserxyzMy DocumentsVisual Studio 2005ProjectsIntegration Services Project3Integration Services Project3MyTeam (1).dtsx, but this still fails when the user userxyz is logged on and is executing the job directly from the server console.
Step1 of the package executes as userxyz Step 2 fails and runs as cpmc-casql02
The user account userxyz has administrator rights to the server as well as being a sysadmin of the SQL2005 database (named cpcasql02).
The account cpmc-casql02 is a €œpublic€? user of the database and is a member of the administrator group on the server itself.
This same scenario carries for tasks as simple as truncating a table and importing the contents of another table in the same database.
All of these jobs exhibit the same behavior whether run directly from the server console on remotely from a workstation connected to the SQL2005 database.
Attempting to get a really simple job working, we also created a very simple SSIS package which does a select from a database table and writes the output to a text file. When running the same package from the user€™s workstation within Visual Studio, the package executes successfully. Once copied to the server, and run from within SQLServer as MyJunePackage however, the execution fails in the same manner as described above. The first step executes successfully as the logged-in user and the second fails executed under the account cpmc-casql02.
So, again we have the same behavior of sequential steps being run as different users with unsatisfactory results. Please advise as to how to set up these jobs to run correctly and consistently.
The account i setup to access the db in Sql 2005 Proper on the Production serve is Represented by the name in the above example as “aspuser�. I created this user in security, logins. And I gave permissions to this on the Db level “create procedure delete, select, update insert.�
I get a error when i run the page in the browser that says “login failed for aspuser.�
I know virtual directory is configured properly. I can run aspx page in the directory with out a db connection, without and error.
I've recently installed SQL-Server 2005 on our production server (win server r2, .net framework 2.0, 3.0 etc ..). In order to improve the security mechanism I'm allowing only windows authentication (not mixed mode).
If each site and the sql-process is given a specific user account, could it have some bad performance issues ? Security-wise, which is better ?
Few things to point out: 1. The SQL process was assigned with a local user account (i.e : [machine name]SqlServerUser) and not using NT AUTHORITYNETWORK_SERVICE. 2. Every ASP.Net site on the server assigned with a local account (i.e : [machine name]SomeSiteUser) through the IIS's Directory Security tab and not using IUSR_[machine name]. 3. Each "Site User" has the appropriate database authorization in sql. Any given help will be appreciated, thanks.
I have a SQL Server 2005 Express edition instance set up on one server, and IIS on another server.
The SQL Server process account is a domain user account, which I have added to the local groups that SQL Server created during installation (I originally used a local user account instead of domain account; however, the problem occurs with both).
SQL Server runs fine, and if I set my IIS application pool identity to a domain admin, my web app can access the database and retrieve the data necessary.
However, I have a domain user account that I want to use to run the app pool and retrieve the data. The domain user account is added to the IIS_WPG group on the web server. On the database server, I have created a login for the account, as well as added it to the db_datareader role of the database that is used for the site.
However, the user is not able to connect to the SQL Server. I get the "Login failed for user <user account>" error in ASP.NET. I also tried connecting with SQL Server Management Studio, and I get the same error. I checked and the user has connect permission to the database server.
With admin accounts, there are no problems logging in, etc.
Any pointers are appreciated,
Thanks,
SA.
Edit: I was able to find out that the State is 11 for the error. According to http://blogs.msdn.com/sql_protocols/archive/2006/02/21/536201.aspx, this indicates "Valid login but server access failure." I am not sure how to resolve this.
I have a problem that i can't log on sql server as the account is lock out. I don't know why it is locked out as this is the first time i log on. Anybody has this experience? Thank you very much!
My 'sa' account is locked out and the BUILTINAdministrators account does not have the sysadmin role. I removed the sysadmin role from BUILTINAdministrators for security reasons and before I could create a new account with the sysadmin role I fat fingered the sa password and locked it out. How can I get myself out of this mess.
I have been using SQL2000 for a number of years and the company I work for needs a new system so I decided to install SQL2005.
I installed SQL2005 without any problems and set a complex password for SA. I tried to log on and had to make several atempts as I remmebered the password after the SA account got locked out with the following message:
Login failed for user 'sa' because the account is currently locked out. The system administrator can unlock it. (Microsoft SQL Server, Error: 18486).
The problem I have is I cannot log onto SQL at all as it is not logging on with windows authentication either!
How do I unlock the SA account or do I have to reinstall SQL?
We are running a shopping mall in Korea and got a database including a table of 4 million product prices, which is to be updated hourly basis. Updating 4million records requires at least 10 minutes to complete. During the update, our shopping mall exposed to customers does not respond quickly in fact very very slowly and we investigated and found out that many tables of SQL database during the update were being locked. As you know, site speed is top priority. We studied and found out that there are two ways to avoid having locked tables during update, those are "read uncommitted" and "snapshot" using the following lines.
set transaction Isolation level read uncommitted set transaction Isolation level snapshot
We tried numerous times the above two lines and still find our tables being locked during update and our customers are being disappointed.
My questions:
1. Is it possible at all in view of "the state of the art" to avoid having locked tables during update of 4 million records ?
2. if it is possible, would you please teach me like I am the beginner of database studies?
For your information, we are using 2005sql (64bit) in Windows 2003 (64bit).
I just brought SQL Server 2005 up on Windows Server 2003 a few days ago. Everything was going great up until a few minutes ago. I tried to connect using the Management Console and get the message
Login failed for user 'sa' because the account is currently locked out. Your administrator can unlock it.
I am attempting to use Visual Web Developer Express with a connection to a SQL Express db from a non-admin account on my XP Pro SP2 machine.
I can do everything in the app under an admin login, but can't seem to configure the db to allow the non-admin account access to the db. I've tried tweaking WMI, using Network Service, Local Service, and Local System with NT AUTHORITY, individual logins, and group permissions, but I'm stuck.
After upgrading a server from SQL Server 2000 to 2005, an index was suddenly being reported as corrupt in the SQL Server log (probably every time an Insert was done). DBCC CHECKDB / CHECKTABLE reported no errors, with or without the new WITH DATA_PURITY option.
Anyone else experienced something similar?
How can an index be reported as corrupt when DBCC doesn't report it?
Dropping and re-creating the index solved the problem. I've restored a backup of the database (made before dropping/re-creating the index) to try repeating the problem, but no success so far.
Does enabling/disabling Data Execution Prevention have a performanceimpact on SQL 2000 or SQL 2005?For SQL best performance - how should I configure for:Processor Scheduling:Programs or Background servicesMemory Usage:Programs or System Cache
I'm developing a client-server application using Visual Basic and SQL Server 6.5 for 700 users. The application currently requires users to login to the database using their network account (via trusted connections). Each of the users takes up a maximum of 6 connections. Unfortunately, other considerations will force us to discard use of trusted connections. So it only leaves us either to create 700 user accounts on SQL Server separately from their network logins or to create one SQL Server account and everybody uses that same account to login to the database. For political reasons, the customer would prefer not to ask their support group to maintain 700 user accounts on SQL Server if it can be avoided.
My question: is there any technical limitation or other negative consequence of having 700 users login to the same account to SQL Server if SQL Server can handle that many connections (it would be 6*700 = 4200 connections) simultaneously? Are we supposed to do things like this? It seems that we don’t have better choice than this.
Ankush Jain writes "I m using Sql Server 2000 in Windoes XP (SP2) with Limited Window Account. I m new to Sql Server.Please You can tell me how to create database. When i expand the console root in Enterprise Manager it will show an error : "A connection could not be established to Local""
I'm trying to determine which user has locked a given record from VB6.I know I can use sp_lock and sp_who, and match up the data to determinewhich users have locked records in my database, however I haven't seen a wayto match the specific user to the specific record. What am I missing here?Thanks!*David*
Please forgive my ignorance, I am by no means a SQL Expert, but have encountered a strange issue.
I have 6 SQL Servers, Primarily SQL 2005 (one older SQL 2000) all loaded on Windows Server 2003 SP1.
We use the servers for a proprietary database that we created which is the backend to a software package we sell.
The issue I have is: We have added a Security account to the servers, and in one case we have granted rights for this account to the TempDB system database. However, whenever we restart this server SQL drops this user account, thus severing connectivity for the app that is relying on that account.
I have set the account as DB-Owner etc, but nothing sems to keep it on re-start.
I would like to write code to delete and add a SQL Login to every User database on my development server. Whenever I restore databases to dev using production backups the SQl Server logins are invalid and I need to delete them from the user database and add them again.
I've already hard-coded a sql server job with n steps... a step for each user database to drop and add this sql user to each database. This isn't optimal since I have to add or delete a step everytime a user database is added or deleted.
Does anyone know how to write a loop or cursor that does this dynamically? I am doing something syntactically wrong related to the GO statement.
declare @db varchar(100)
declare @message varchar(3000)
DECLARE user_cursor CURSOR FOR
SELECT top 1 name
FROM master.sys.databases
where name not in
('master','tempdb','model','msdb')
OPEN user_cursor
FETCH NEXT FROM user_cursor INTO @db
WHILE @@FETCH_STATUS = 0
BEGIN
SELECT @message = 'use '+@db + '
GO'
+'DROP USER [SQLLogin.DataEntry]
CREATE USER [SQLLogin.DataEntry] FOR LOGIN [SQLLogin.DataEntry]
Hullo folks, I'm having what I assume is a fairly mundane security issue.
I have a SQL login that I am trying to restrict as much as possible. This account's sole goal in life is to hit the server, return some usage statistics, then truncate the table it received the statistics from. I would like to refrain from granting this login permissions on the physical target table if possible.
Usually I can wrap up "protected" operations in a stored procedure, then grant exec permissions for my user and I'm good to go. However, TRUNCATE TABLE gets cranky with me when I attempt the above method. I suspect that has to do with the fact that TRUNCATE TABLE is effectively modifying the table itself as opposed to merely deleting data.
Is it possible to grant this login ONLY execute permission on a stored proc that TRUNCATE's tables without giving the user any physical permissions? Am I going about this the wrong way?
I have gotten my production version of SQL locked into single user mode. We recently upgraded to a clustered configeration and when I went to pause the system to get control I was told Pause was not available in a clustered environment. I restarted the service with -m [single user] but couldn't run Enterprise Manager as it appeared to take the only user slot and not give me one. Then I hit on startingup with Query Analyzer and that worked but now how do I get it back into multi-user mode. I placed the -m in the settings using Enterprise manager; could I stop the service and restart at the cmd prompt using -f [minimal config] and get Enterprise manager running? Any assistance appreciated.
Hi, I keep getting a connection failed error message... CANNOT the DATABASE " " requested by the Login. The Login failed for User 'NT Authority/ Network Service' error and I figure I should create an account for the site to access the Database with but I do not know how to create an account in SQL server using the Management studio?? Anyone willing to give me the exact information I need to do this so I do not do something else and ruin things please??? I am not much of an SQL DBA. thanks in Advance.
TITLE: Connect to Server Cannot connect to MyPCName. ADDITIONAL INFORMATION: Login failed for user 'MyPCNameMyLogin'. Reason: The account is disabled. (MS Server, Error: 18470)
------------------------------ Server Name: MyPCName Error Number: 18470 Severity: 14 State: 1 Line Number: 65536
------------------------------ Program Location:
at System.Data.SqlClient.SqlInternalConnection.OnErro r(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndW arning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlInternalConnectionTds.Com pleteLogin(Boolean enlistOK) at System.Data.SqlClient.SqlInternalConnectionTds.Ope nLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlInternalConnectionTds..ct or(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlConnectionFactory.CreateC onnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionFactory.Creat eNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup) at System.Data.ProviderBase.DbConnectionFactory.GetCo nnection(DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionClosed.OpenCo nnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) at System.Data.SqlClient.SqlConnection.Open() at Microsoft.SqlServer.Management.UI.VSIntegration.Ob jectExplorer.ObjectExplorer.ValidateConnection(UIC onnectionInfo ci, IServerType server) at Microsoft.SqlServer.Management.UI.ConnectionDlg.Co nnector.ConnectionThreadUser() ================================================== ====
DB is developed on local computer with MSSQL 2005 Express. My host is on MSSQL 2005 workgroup. Are they compatible, because I am getting errors? Is my approach wrong?
I have tried several approaches.
A) I created a backup of database on my local, then placed a copy on the server. Then I tried to restore through Server Management Studio. I get this error.
TITLE: Microsoft SQL Server Management Studio
------------------------------
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
ADDITIONAL INFORMATION:
The backed-up database has on-disk structure version 611. The server supports version 539 and cannot restore or upgrade this database.
RESTORE FILELIST is terminating abnormally. (Microsoft SQL Server, Error: 3169)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=08.00.2039&EvtSrc=MSSQLServer&EvtID=3169&LinkId=20476
------------------------------
BUTTONS:
OK
------------------------------
B: I also have tried copying the database. I put it in the same path as the other databases that can be read with server management studio on the server. Then, tried to get to it through server managements studio and it did not appear. So I tried to attach it. Then I received this error:
TITLE: Microsoft SQL Server Management Studio
------------------------------
Attach database failed for Server 'MROACH1'. (Microsoft.SqlServer.Smo)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=9.00.2047.00&EvtSrc=Microsoft.SqlServer.Management.Smo.ExceptionTemplates.FailedOperationExceptionText&EvtID=Attach+database+Server&LinkId=20476
------------------------------
ADDITIONAL INFORMATION:
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
Could not find row in sysindexes for database ID 10, object ID 1, index ID 1. Run DBCC CHECKTABLE on sysindexes.
Could not open new database 'LodgingDB'. CREATE DATABASE is aborted. (Microsoft SQL Server, Error: 602)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=602&LinkId=20476
------------------------------
BUTTONS:
OK
------------------------------
C: I have also tried opening the Database, and back up file through Server Management Studio. without success.
D: I also tried Windows and Software update at microsoft update, but no updates were recommended for Version on Server.
I'm surprised this is so hard. My original data base was created in same family of software. 2005 MS SQL Express. I could use some direct help from someone experienced with this. Am I doing it wrong or are the DB versions incompatible.
Hi all. We have a mix of informix and mssql server and I want to know if something we do in informix has an analogous feature in MSSQL. We can define a "row type" in informix, like so:
create row type name_1(fname char(20),lname char(20));
The when we create any table that includes a first and last name, we do so using this row type like so:
create table sometable(name name_1, some column,...etc)
This allows us to set a standard for certain common fields and avoids having different developers build the same type of field in more than one way, different lengths, etc.
Greetings:I am trying to conceive what risks might be created by runningmultiple SQL servers within a domain under a single domain account, asopposed to 1) running under the local service account or 2) multipledomain service accounts.In this case, all the SQL servers are SQL2000 running on Win2003. Theservice account is assigned only to the "Domain Users" group.We do use linked server calls, and I have played and suceeded gettingKereberos up to avoid double hop issues when using Windows Auth. Infact, this is one of the reasons that sparked the question in my mind-- in all the MS Kerebos SQL<->SQL examples, the SQL servers run undera unique service account.As an aside, most of the servers are "line of business" servers, butHR runs under a unique server with more sensitive information. I don'treally think that merits a seperate service account, but again, Icould well be missing something.I mostly looking for food for thought, but concrete examples ofgotchas would be appreciated.Thanks all.d.
While attempting to set up sql replication in MSSQL 2005 one of my user databases is now in the systems database folder. I need to move it back to the user databases folder. Any help would be greatly appreciated.
my sql server 2005 is instaled on windows xp machine ( i have only remote connection on this computer ) , i made mistake and delete my account on sqlserver it was a admin account , the problem now is i cant log on sqlserver enymore becuse sa account is disabled.
can anyone give me step by step instructions as to how I would go about correctly granting the aspnet account access to my sql server 2005 database ?? As far as I can see Ive set it up, but im getting execute permissions errors on stored procedures even though Ive gone into properties and permissions and added the aspnet account with execute permissions.
Msg 7399, Level 16, State 1, Line 1 The OLE DB provider "VFPOLEDB" for linked server "tele" reported an error. Access denied. Msg 7301, Level 16, State 2, Line 1 Cannot obtain the required interface ("IID_IDBCreateCommand") from OLE DB provider "VFPOLEDB" for linked server "tele".
OLE DB provider "Microsoft.Jet.OLEDB.4.0" for linked server "tele2" returned message "The Microsoft Jet database engine could not find the object 'prospect_divu'. Make sure the object exists and that you spell its name and the path name correctly.". Msg 7311, Level 16, State 2, Line 1 Cannot obtain the schema rowset "DBSCHEMA_COLUMNS" for OLE DB provider "Microsoft.Jet.OLEDB.4.0" for linked server "tele2". The provider supports the interface, but returns a failure code when it is used.
I have been running a script in SQL Server 2000 as sa also as a Active Directory user who has administrator rights (I tested both approaches SQL Server then Windows Authentication) in Query Analyser which grants execute rights to the stored procedures within the database instance and Query Analyser does not give any errors when I run the script. I have made sure that each transaction has a go after it. I then return to Enterprise Manager, check the rights (I apply them to roles so that when we create another SQL Server user we just grant him/her rights to the role) and discover that the role has not been granted the rights. I seems to be occurring only with 2 of the procedures. Is there a known bug that might be causing this?
