Mapping Active Directory Group Members To SQL Server Roles
Sep 12, 2006
My question is I have a SQL Server running on Web Server which is a member of a 2000 Active Directory, I only grant access to the database via Global Groups from the Active Directory. When I log onto the database via Windows Authentication the actual user shows up in the master.dbo.sysprocesses table, I can tell what database that process is going to but not how that user is being translated to the Global Group that was actually given access. I need the actual database user name which is the Global Group name that had permissions granted via user defined database roles so that I can do some pre-processing in an ASP.NET application so that I know what parts of a form are updatable or not.
View 1 Replies
ADVERTISEMENT
Mar 24, 2006
Hi,
I'm trying to extract all the users and their membership to groups, and the membership of groups to groups from active directory though a link to server.
I can get the users. I can get the groups.... individually.
I can't get the info of what user is a member of or who are members of a group.
Anyone know how to do this or am I going to have to right a vb app? (Anyone already got the code...)
I want to load this data into tables for reporting in my Data Warehouse.
Cheers
Chris
View 1 Replies
View Related
May 8, 2007
Is there a way that we can tell what active directory group the person belongs to that is running the report? I know that you can detect a user id, but I need to access the Active Directory Group that they belong to.
View 1 Replies
View Related
Mar 18, 2007
How do you limit access to data based on Active Directory group membership and/or SQL Server database access?
View 1 Replies
View Related
Jul 17, 2014
Is it possible to check for Active Directory group.. ie see if the user running the Stored Proc, is in a specific Active Directory Group? Or if I set up Login's using Active Directory, can I get the Login that way... or will it give me the user's account?
View 6 Replies
View Related
Oct 1, 2015
Current: One common SQL login is being used by SQL DBA on all the servers
New Plan: Creating one windows AD group, adding the DBA's to that group and create as a login with sysadmin server access on all the SQL Server boxes
how to achieve this activity. Creating SQL login is fine but how to change the ownership of various objects, jobs to new login on all servers?
View 3 Replies
View Related
Jun 8, 2012
For code reuse, I am trying to get a table valued function to return users of a given AD group name. I can easily get this with hard-coding the group name. But because OpenQuery wont accept parameters, I can't insert my group name there. And because functions can't call dynamic SQL, I can't do it via dynamic sql. I have seen people do it with CLR, but I rather not go that route. I can use a stored procedure + cursor and iterate through each group and store the results into real tables and create a cache, but I rather query Active Directory itself to save space, but I rather do the caching then the CLR. Any approach I am missing on how to do this?
The following works fine:
SELECT DISTINCT sAMAccountName
FROM OPENQUERY(ADSI, 'SELECT sAMAccountName, sn
FROM ''LDAP://OU=SomeOU,OU=SomeOtherOU,DC=SomeDC,DC=SomeOtherDC''
WHERE objectCategory=''Person'' AND objectClass=''USER'' AND memberOf=''CN=SomeGroupName,OU=SomeOU,OU=SomeOtherOU,DC=SomeDC,DC=SomeOtherDC''') a
WHERE sn IS NOT NULL
The following gives me the error:
Invalid use of a side-effecting operator 'EXECUTE STRING' within a function.
CREATE FUNCTION [dbo].queryADGroupMembers
(
@group nvarchar(255)
)
RETURNS @rtnTable TABLE
[Code] .....
View 7 Replies
View Related
Aug 9, 2007
Hello,
I am fairly new to SQL 2005 and Reporting Services.
We are trying to create a report that will display sales data based on group membership from Active Directory.
For example, if USER1 logs in and looks at a Year to Date Sales report, it will only show data that pertains to his group. If USER2 logs in and accesses the same report, it will display different Year to Date information because he is in a different group.
Background Information: We are running SQL 2005 Enterprise Edition Service Pack 2 with Analysis and Reporting Services. We are delivering the reports through a Sharepoint site.
Please let me know if anyone has a good way to tackle this.
Thanks,
Justin
View 6 Replies
View Related
Aug 7, 2007
We are using Windows authenication within our system, and I was wondering how it would be possible to determine if the user conected to the SQL SERVER instance was a member of a particular active directory security group?
Thanks.
View 3 Replies
View Related
Aug 29, 2007
We would like to use the bulk insert function to import large CSV files into a SSE database however we have serious concerns regarding giving all our users these high privleges. Is there some way around this can we give them the privleges temporarily do the insert and take it away again or some other solution.
View 5 Replies
View Related
Jul 18, 2000
I have a question regarding BCP. We are doing a BCP operation from one machine to another machine. (i.e) Flat file from the web server are BCP on to the DB server. For this operation we have mounted the FTP directory of the web server on to the DB server. Say G: drive of the DB server is mapped to the Ftp directory of the web server.
Now when we run the BCP we get the following error.
SQLState = 08001, NativeError = 6
Error = [Microsoft][ODBC SQL Server Driver][Named Pipes]Specified SQL server not found.
SQLState = 01000, NativeError = 53
Warning = [Microsoft][ODBC SQL Server Driver][Named Pipes]ConnectionOpen (Create File()).
The connection is using NAMED PIPES.
Say when we BCP out the above error message comes but the flat file is generated with out any records in it.
Are we missing any parameter settings.
Please help.
View 1 Replies
View Related
Apr 6, 2007
Has anyone used this successfully from an OLEDB source component, or even from the Execute SQL Task? I've seen some examples of using a script component, but nothing that uses it through a connection manager.
View 6 Replies
View Related
Jan 8, 2007
i'm not sure to put this in data or security, so i'll put it in both and put on my flame suit.....I'd like to setup the security to use the one single DB that i've setup to use for my inventory, instead of the ASPNETDB.MDF that accompanies the normal setup.If i need to include more info, please ask.
View 1 Replies
View Related
Jun 11, 2008
In VS, you can automatically can create roles/members etc and vs creates tables in SQL Express.
Are there SQL scripts zo I can create the tables in SQL instead of SQL Express.
View 1 Replies
View Related
Jun 6, 2004
Hello,
I have recently upgraded my the server that runs SQL Server to an Active Directory Domain Controler. Now I can't connect to the SQL Server from ASP.NET Applications when the application is not located on the local machine. The error message I get is SQL Server does not exist or access is denied.
I have no problems connecting with QueryAnalyer and Enterprise Manager from my workstation. I have added the Sql Server to the directory via the "Active Directory"-tab in the Property window for my Sql Server Registration i Enterprise Manager.
If I copy a directory from the wwwroot on my workstation to the server the application has no problem to connect so the connectionstring seams to work fine.
Any ideas?
Regards,
Kalle
View 1 Replies
View Related
Jul 1, 2005
Any idea on how to query active directory to find out list of groups nad users etc..using sql server?
View 6 Replies
View Related
Jun 5, 2007
I look for and try to get data from Active Directory to MSSQL Server, but have same error:
Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT name
FROM 'LDAP://office.experter.group'
WHERE objectCategory = 'Person' AND objectClass = 'user'" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI".
for the code:
select * from openquery
(
ADSI,'SELECT name
FROM ''LDAP://office.experter.group''
WHERE objectCategory = ''Person'' AND objectClass = ''user'''
)
I create linked server:
EXEC master.dbo.sp_addlinkedserver @server = N'ADSI',
@srvproduct=N'Active Directory Services', @provider=N'ADsDSOObject',
@datasrc=N'office.experter.group'
I've changed security setting, format of LDAP. Please advise me
View 2 Replies
View Related
Nov 17, 2006
It's me again guys. First let me say that I truly appreciate the knowledge that I see on this forum. Now on to my question.
How can I use SQL Server to import the active accounts from our Exchange Server? Thanks.
Everything I know I learned from the web.
View 7 Replies
View Related
Nov 1, 2007
Sometimes a user name will change in Active Directory and I have to change the name in SQL Server as well. So what I do is first delete the old user name from SQL Server's logins. However I wont be able to see the new user name in SQL Server to add it as a legit user until I roboot the server. Is there somekind of code I can execute to resynchronize with Active Directory again?
View 5 Replies
View Related
Mar 14, 2007
Here is what I tried to do:
exec sp_ActiveDirectory_SCP @Action = N'create'
error message output:
The service cannot be started, either becuase it is diabled or because it has no enabled devices associated with it.
Msg 22039, Level 16, State 1, Line 0
xpadsi90.exe failed.
How do I get around this problem?
I have SQL server 2005 + sp2.
Thanks,
Bobby
View 5 Replies
View Related
May 28, 2004
I want to create a view in SQL populated with users from our Active Directory. I have learnt that this can be done using linked server. I have tried using the following:
sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'
go
sp_addlinkedsrvlogin @rmtsrvname = 'ADSI', @useself = 'false', @locallogin = 'sa', @rmtuser = 'lok_applications', @rmtpassword = '9dfFfG374GoiAo6yxxc8oZ'
SELECT *
FROM OpenQuery( ADSI,
'SELECT * FROM "LDAP://194.22.1.18/DC=lok,DC=net"')
I keep getting this error no matter what I try:
An error occurred while preparing a query for execution against OLE DB provider 'ADSDSOObject'.
OLE DB error trace [OLE/DB Provider 'ADSDSOObject' ICommandPrepare::Prepare returned 0x80040e14].
Any ideas why??
View 5 Replies
View Related
Nov 3, 2004
I was wondering how exactly one can search the Active Directory with SQL Server 2000. There is all kind of stuff on the Internet about how to connect them and how useful it is to connect them together - plus how you can use Active Directory to query SQL Server, but I`ve never encountered any article where they explain how SQL Server can search the Active Directory.
I`m thinking about how one has their user-database in Active Directory with all users in groups, but only uses groups in SQL Server. How exactly can SQL Server figure out how a user belongs to a group?
Does Active Directory tell SQL Server about that when the user tries to access something from SQL Server, or does SQL Server already knows which group is accessing it as soon as the user authenticates in Active Directory?
View 7 Replies
View Related
Nov 24, 2004
Hi,
I am new to Microsoft Technologies, can any one say how to connect/ retrieve data's from Active Directory through SQL SERVER from scratch. I need with some sample codes.....
Thanks in advance
raj d.s
View 1 Replies
View Related
May 9, 2007
Hi,
Couple questions regarding SQL Server Active Directory Helper service:
a)What is its purpose?
b)Where can I get more detailed information about this service and
SQL Server 2005 services in general?
c)How can the following error during start up phase of this service
be avoided?
Error Message:
'0' is an invalid number of start up parameters. This service takes two start up parameters.
FYI: SQL Server 2005 is run on Windows XP professional.
Thanks,
Mike
View 2 Replies
View Related
Jul 20, 2005
Hello All,I have a linked ADSI Server to our company Active Directory andeverything is fine. I'm running queries and such using LDAP. BUT howcan I aquire a list of attributes for the classes and categories. Suchas if i wanted to see a user's telephone number and email address foruse in a corporate database? Is this possible?Thanks
View 4 Replies
View Related
Sep 11, 2007
Does anyone know of any good references (books or web sites) that provide examples of querying AD from SQL Server? I have the database link setup and have done two very simple queries against AD but I would like to see more in-depth examples.
Thanks.
View 1 Replies
View Related
Aug 12, 2015
I have a SQL 2008 running on a server that is not part of an Active Directory Domain. I would like to add the server to Active Directory. How will this impact SQL in terms of the SQL users, Windows Authentication, and permissions?
View 2 Replies
View Related
Mar 19, 2008
Hi all,
just want to confirm this:
We have a department and want to grant them access to various databases on a sql server 2000 instance. Can we create an AD group for these users and just add the group as a login to SQL Server? Or do we have to create a db user for each member of the group and map the logins one by one?
Thanks
View 1 Replies
View Related
Jul 20, 2005
Hello --I'm trying to get SQL Server 2000 on a Windows 2000 Server to be ableto query an Active Directory. We've got two domain servers one Win2000and one Win2003. However, I'm having problems:I've run the following query to setup the linked server:sp_addlinkedserver 'ADSI', 'Active Directory Service Interfaces','ADSDSOObject', 'adsdatasource'Using Enterprise Manager I've changed the login details for the ADSIlinked server to:Be made using the following security context:Username: MyDomainAdministratorPassword: ****I've then tried to run the following query in Query Analyzer:SELECT * FROMOpenQuery(ADSI,'<LDAP://CN=Users,DC=MyDomain,DC=com>;(&(objectCategory=Person)(objectClass=User));name,ad spath')But get the following error message:Could not execute query against OLE DB provider 'ADSDSOObject'.Does anyone have any ideas on what this message means or how to getthis working?Thanks--James Allanjames [at] allan-home.co.uk
View 2 Replies
View Related
Jul 20, 2005
We have just installed a SQL Server 2000 (SP 3A) onto a computer thathas Windows-2003 Server on it. Now, we cannot get access to thatdatabase server from other computers. Seem like this may be an issuewith Active Directory.Our network consists of Windows-2000 Servers (SP 4) and Windows-2000workstations and Windows-XP workstations. We also have SQL Server 2000(SP2) in three Windows-2000 servers. All work fine. Recently, we get anew server that has already had Windows-2003 Server pre-installed.After we have installed SQL Server 2000 (SP 3A) on the new server, wefind that we cannot get access to that new database server from othercomputers.I have tried connecting to that new database server using QueryAnalyzer (using both the sa account and Windows Authentication), and Iget this error message:Unable to connect to server NEWDBSRV:Server: Msg 17, Level 16, State 1[Microsoft][ODBC SQL Server Driver][DBNETLIB]SQL Server does notexist or access denied.I have tried connecting to that new database server using ISQL (usingboth the sa account and Windows Authentication), and I get this errormessage:DB-Library: Unable to connect: SQL Server is unavailable or does notexist.Unable to connect: SQL Server does not exist or network accessdenied.Net-Library error 53: ConnectionOpen (Connect()).I have also tried to register the new database server using EnterpriseManager (again, using both the sa account and Windows Authentication),and I get this error message:NEWDBSRV - SQL Server does not exist or access denied.ConnectionOpen(Connect())The only way that I can get access to the new database server is toopen Enterprise Manager directly on the new server.I have compared the properties of the new database server and those ofthe other existing database servers. The only differences are:-Other database servers are running Windows-2000. The new databaseserver is running Windows-2003.-The new database server is missing the "Active Directory" page-tagwhen I check its properties using Enterprise Manager. We use ActiveDirectory in our network, and the Active Directory is being run from aWindows-2000 server (that is currently also a database server).According to our network administrator, he has already put the newserver into our Active Directory. He doesn't know why it is missingthe Active Directory page-tag. He believes this has something to dowith its having Windows-2003 that is different from other servers(that have Windows-2000).Thanks in advance for any info.Jay Chan
View 2 Replies
View Related
May 24, 2006
I mapped a login created with an Active Directory Group on server A to a login on server B through a linked server on server A and received a null login error when attempting to connect.
I changed the Active Directory Group login to an individual active directory login and the connection worked fine.
I saw someone post online somewhere that Active Directory Groups don't work with linked server by design--but I wanted to get confirmation on this. Can anyone confirm this, particularly someone from Microsoft?
View 1 Replies
View Related
May 29, 2015
How can I copy data like firstname, lastname, email from Active Directory into a SQL Server table?
View 4 Replies
View Related
May 23, 2007
I need to add one of our servers to active directory. I found some documents on SQL 2000 but no good document on SQL 2005. Can you please guide me to the documentation for this? Thanks
View 4 Replies
View Related
