Is there any easy way to move users between SQL Servers for a particular database?
We have tests and development servers I would like to make sure the user lists are in sync for that db.
Thanks
Hi ,
I have a bunch of Users about 150 of them. I think they can't even run a SELECT .
When they try to run a select they get error messages :
"SELECT permission denied on object 'Object name', database 'Db_name', owner 'dbo'."
I have check out every thing !! All these Users are the members of public role on the database !!
They work fine on other Db's with the same settings !!
Not Sure what to do
PLEASE HELPP !!!
Is there an easy way of just moving users from another db along with all it's permissions?
Constraint = Sorry, working with SQL Server 6.5.
Thanks in advance!
We are about to migrate SQL 7 databases from one SQL7 server to another SQL7 server, but we've run into an issue with transferring users/logins/passwords.
The problem is that one server is case-sensitive, and the other is not case-sensitive. This causes each server to encrypt passwords differently from the other.
Has anyone else experienced this before? Is there a workaround? Microsoft acknowledges this as an issue with SQL 7 (with case-sensitive to case-insensitive transfers), but offers no workaround.
Dan Tan
dan.tan@tekelec.com
www.Tekelec.com
Hi there!
I'm developing an application and i need to do the next thing:
I need to make a process, but this process just need to be done, when nobody else is modyfing datas in the database.
Is there anyway i could check this? I have read about the sp_who stored procedure but this one return all the activity in all the databases, and i just need to check in one specifically. And there's another issue, we all access with the user dbo to the database...
Any help will be appreciated..
I restored a copy of a database onto a new server. I created the proper logins on the new server prior to the restore. The users and permissions should all be identical. They appear to be in the system tables, but none of the users or permissions appear in the appropriate screens on Enterprise Manager.
Also, even though the permissions appear to be intact in the syspermissions table, when I connect as a certain user and try to query a table the user should have permissions on, I'm denied access.
Does anyone have any suggestions?
Thanks in advance!
Lisa Rae
Is there an SP that can tell the database, the users with access to the database, and their permissions? Meaning the result would be something like...
<database> <username> db_datawriter
<database> <username> db_datareader
<database> <usernameII> db_owner
Thanks in advance
-Kyle
What is the best way to move users from a 2000 sql server to a 2005 server? I have a bunch of issues with the passwords etc...
thanks for your time.
Hi,
I want to create a new user for my database and allow them to only select data from the tables...
CREATE LOGIN NEHardcoreWITH PASSWORD = 'abc'USE aiaccontentdb;CREATE USER NEHardcore FOR LOGIN NEHardcore
What permissions will this give to the new user? Do I need to grant any permissions and/or revoke any?
Thanks!
I am trying to create a new user for a SQL Server database and use the credentials in an
ASP.NET app.
Problem is dbo permissions are not being applied to the database objects when I set up a
new user (Logins -> New Logins) with SQL Server Authentication, set the default database to
the database I want.
I then get an error message saying that the user has not been granted access to their default
database : DBNAME and therefore will not be able to gain access to their default database.
I'm not sure why this is as I am logged in as sa.
Anyway, when I ignore the error and set-up this new user through the Users section of the
database none of the dbo permissions carry over.
Can anyone help?
Cheers.
I have used DTS to imports users from one database(a) to another(b)
DTS run fine, but the original permissions don't were filled.
Can someone explain How I can do it?
Luiz Lucasi
Rio de Janeiro - RJ
Hi,
did anybody encounter or write a stored procedure or a tool that sets all permissions on all users on a given database?
It is a major headache to set all permissions again after some changes with a tool like ErWin and then adding some users.
Kind regards,
Andreas Erben
hi, please anybody help me with this....
i need to have a user account with the following requirements:
a. can create/alter/drop tables/views that is created by this user;
b. can read/update/delete records from tables created by this user
c. can read/add records to tables created by other user
d. can create/edit/execute stored procedures
is this possible? how can i do this? how can i allow a user to create new objects or alter objects owned by him at the same time prevent him from dropping objects created by other user?
how can i give a user full access to objects that he created and limit his access rights like dropping objects, deleting records or updating records from tables that is not created by him?
can i do these thru enterprise manager or do i have to run some scripts in order for these to happen? if so, can somebody help me with the scripts or links that i can use for references?
thanks a lot! hope you can help me with these...
thanks a lot...
I have a user that I have granted the server role "securityadministrator" and a database role "db_securityadmin". When logged inas this user I can create new logins but not run sp_adduser to add thenew login to as this says I don't have permission to do this. I canhowever run sp_revokedbaccess to get rid of a user from the database.
View 2 Replies View RelatedJust got a new workstation and installed Enterprise Manager. Is there an easy way to migrate the registered servers from the old workstation to the new one.
I have about 30 servers defined under 6 groups. It would certainly be a lot easier if there was a file I could drag from one workstation to another.
Sidney Ives
Database Administrator
Sentara Healthcare
Hi all, I have a database that is duplicated on 4 different SQL Server 2000 servers. I created a database diagram in one of those identical databases using EM, and thought I would like to copy it across to the other 3 databases. I can't find any way to do that though.
Any ideas? I can right-click and copy the diagram in the source server/database, but can't "paste" into the second server/database's Diagrams directory.
I know the diagram is created from the objects in the dabase, but mine required some customization and it would be really cool if someone has a silver bullet I could borrow to make the diagrams in the other DB's match up to the formatted one.
We have about 50 SQL Servers (most 2000 but some 2005) in different domains and behind firewalls and we implementing the PCI rules for the use of credit card data. One thing we need to do is to audit users and their rights. I have a stored proc that can run each night and record users and permissions.
My main problem is trying to bring all that data together on a central box and then parse through it to see if I have any offenders. The parsing is not the issue, but the polling is. I could use the SA account or create a audit account with SA rights but both of those solutions go against the PCI mantra.
Can someone who has done this give me some guidance as to what you did. I know that there are some third party tools that would probably do this, but my department is on a shallow budget and my overtime is free.
Any suggestions would be greatly appreciated. Thank you!
Jim Youmans
St. Louis
Hi Everybody,
I am working on SQL 7.0/2000. I have given lot of permissions to the user 'duser1'. The permissions like select,etc..,create... Now I want to give the same permissions(what I have given to 'duser1') to the other user called 'duser2'. Right now I hvn't created any Database Roles or Server Roles.
Do we have any easy method to copy the permissions of one user to the other user?, like script generation or any method. If anybody knows that please guide me.
tks in advance,
Sam
I have an archival process on a large database that runs once a month.At the beginning of the process the triggers and indexes on thetables whose data is moved are dropped, the data is moved and then thetriggers and indexes are recreated at the end. This produces amassive improvement in performance.The problem is the process is supposed to run on users accounts (thatsthe way the front-end is set up) and they don't have the neccessarypermissions to drop & create triggers & indexes. I can't see any wayto give them permissions only on specific tables or triggers/indexes.Nor does giving them permissions to the stored procedures that do thedropping & re-creating work, DDL permissions don't seem to beinherited the way they are with tables.Is blanket rights to drop & create objects through the db_ddladminrole the only way users can get rights?Thanks,K Finegan
View 2 Replies View RelatedAs our customers demand that we tighten our IT security in the company,I've been asked to prepare a report quarterly showing, for each user inActive directory, what his effective permissions are for every table inevery database that he has permission for on our SQL Server 2000 server. Isearched a bit for a tool to do this, but all I found was the PERMISSIONS()function for showing effective permissions of the current user. Is thereany way to do it for an arbitrary user, without logging in as them?
View 5 Replies View RelatedI have looked and looked and looked and can not find an answer to this simple question. I want a way to script out all the permissions for a given user.
I have a user (User1) and he has the following permissions lets say:
Server
- View Server Activity
Database1
- CREATE AGGREGATE
- CREATE DEFAULT
- CREATE FUNCTION
- CREATE PROCEDURE
- CREATE RULE
- CREATE SYNONYM
- CREATE TABLE
- CREATE TYPE
- CREATE VIEW
- SHOWPLAN
- VIEW DEFINITION
Schema1
- SELECT
- INSERT
- DELETE
Schema2
- SELECT
- EXECUTE
Objects
- SELECT ON schema3.table1
- EXECUTE on schema4.storedproc1
I need a something (script, report, voodoo magic spell) that will show me this. It is hard to believe that this is not a built in report with SQL2005. It was hard to do in 2000 but you could do it if you played around with the scripting options enough. I can not find a clear cut way of doing this in 2005 to save my life. Maybe I am just blind, but my fellow DBA's have the same problem.
How can I do this? Please???
Jim Youmans
St Louis
Hello all,
I was wondering if there is a way to move ODBC connections between SQL servers? We are replacing our current server with newer hardware, and I have pretty much everything figured out except this.
Thanks for any help and/or hints.
I have user that we just migrated his Access database to SQLServer. All went well with the migration, but then he came up withanother requirement to be able to replicate the database to a localSQL server living on the hard drive of a laptop. Before the migrationhe just copied the entire Access databse to the lap top.I tried using the Copy SQL Server Objects Task to move thenecessary tables from the production server to the laptop, but noticedit doesn't copy over the table Indexes/keys identiy fields etc. Iended up backing up the production database and restoring it to thelaptop database, but wondered if there is any way to move the tables,with their properties from one server to another? I know I can setup the backup process to run as scheduled, but the problem is the dataneeds to be moved on an irregular time table. I thought about justwriting code on the remaining Access front end to empty the localtables and then query the data from the production side to reloadthem, but I'm sure there's an easier way.Any suggestions would be appreciated.Thanks,Tom
View 1 Replies View RelatedI have a set of packages that use an Indirect Configuration to a XML config that gives each package a connection string to the Configuration database. The configuration database has all the connection strings for every connection I use.
I just moved my dbs to a new server. I updated the XML config file to point to the new server and updated the connections in the configuration table. I am having two problems. When I open packages in BIDS, I am receiving errors because the connection strings embedded in the packages were pointing to the old server. I updated the Data Sources in the solution and that didn't fix it. Why is it not using the configurations?
Also, on the production box (64bit), I am having the same problem. It is not reading in the connections from the new SQL configuration table. All my connections that are producing errors are OLEDB for SQL.
Any ideas?
Thanks,
Abe
I'm having some issues restoring a backup of database that uses native encryption onto another server. I know there are a couple of articles on this but I seem to be missing something. Any help would be greatly appreciated.
Current Server Windows 2000
Destination Server Windows 2003
The original key setup for the current server was achieved by something like this:
CREATE SYMMETRIC KEY HR01 WITH algorithm=DES encryption BY password = 'HRpassword'
Running the command select * from sys.symmetric_keys on the current server I get the following:
name
principal_id
symmetric_key_id
key_length
key_algorithm
algorithm_desc
create_date
modify_date
key_guid
HR01
1
256
56
D
DES
2006-11-22 16:36:01.883
2006-11-22 16:36:01.883
BBD80500-338F-47D7-B336-85D46E00F2F0
So I restored the database onto the new server and ran this script:
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;
GO
I don't have a master key... so I go back to the original server and ran this script and did another backup:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Password'
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;
Running select * from sys.symmetric_keys on the current server now looks like this:
name
principal_id
symmetric_key_id
key_length
key_algorithm
algorithm_desc
create_date
modify_date
key_guid
##MS_DatabaseMasterKey##
1
101
128
D3
TRIPLE_DES
2007-04-23 16:03:09.183
2007-04-23 17:02:46.630
1CB0D800-0173-4A1E-B841-362B454E60AC
HR01
1
256
56
D
DES
2006-11-22 16:36:01.883
2006-11-22 16:36:01.883
BBD80500-338F-47D7-B336-85D46E00F2F0
I then restored the new backup onto the 2003 server and ran this script:
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'Password';
ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY;
GO
The alter script now runs fine but I get the error message: The decryption key is incorrect when trying to open the HR01 key
I need to be able to set up a table listing users permissions, this needs to be run daily and then notify me of any changes without using the auditing or profiler software.
Any ideas?? :eek: :eek: :confused:
Hello all,I am looking for the script, which I believe exists already.I need tobe able to populate the script for security of one database andapply it to another database, even if it is located on another server:1. All logins which not exist have to be created and which existsignored including the NT accounts2. Users same as the old database + the existing ones stay in database3. Passwords for the new logins.4. All permissions/grants on all objects for the users that exists(usually it's the case) and ignore those that don't.I have script which does some of it, but it's not perfect, so everytime there are some errors.Please let me know, if you need me to email script that I have. It'spretty long so I cannot just post it in here.Thank you in advance.
View 3 Replies View RelatedI am in need of a utility (stored procedure, third party app, etc)that will help streamline the process of managing and auditing objectpermissions, users and roles on multiple sql server 2000 instanceswith multiple databases on each instance. That's a quick overview ofwhat I need, do I need to be more specific?Thanks.
View 2 Replies View Related
Hello team, I have learned quite a bit from everyone here. I have decided to post a question for you guys and see what the best method is. Our Sr. DBA has asked me to get a list of all of our users permissions on all of our databases. We have about 20 SQL servers some of which have more databases and instances than I have fingers and toes. Can anyone recommend any solution to this problem? Perhaps there is a script I can download/write which will help me on this? Thanks in advance.
We have succesfully moved SQL server to a new machine and this same machine will also be running IIS 5.1 to host our intranet. We will be doing the actual developing on other machines and publishing the site to the new machine.
Now, when I went to test the site, it all comes up just fine, but logging in is a problem. What do I need to do to configure the new SQL server to accept new members, logins, etc.
Oh, and actually membership is still on the "old" SQL.
When I tried to login, I get this:
Server Error in '/' Application.
Login failed for user ''. The user is not associated with a trusted SQL Server connection.
Thanks for the information.
Greetings all,This should be an easy task, and Im sure it is, but as many times as I havetried, I cant seem to get this to work properly.We changed ISPs recently from a shared host to a co-located server, and ourformer host was nice enough to send us a backup of our old SQL2000 database(about 5MB).I went into Enterprise Manager, created an empty database with the same nameand used the Restore Backup tool successfully. I took a look at the db andsaw all the Tables and data intact.Next I wanted to re-create the DSN to match the old one so that I wouldnthave to fiddle with any of the old connection strings in my asp pages.Thats where the fun began. The old DSN was created by our host via an emailrequest and I never got a look at the actual creation process of that DSN.I created one on our colo server with the same name, but it would only passthe connection tests when I used the Windows User Authentication rather thanSQL Server Authentication. No big deal I figured, and just went ahead andset it up using the same DSN name.Next I tried the main.asp page to test the DSN and lo and behold I got theODBC connection errors. I tinkered with the connection strings a bit andmanaged to get a wide variety of connection errors and fine-tuned to thepoint that it said "Unable to login with user 'SERVER169/nacog'". At thispoint, I went into Enterprise manager and added 'nacog' to the User list andthe connection string no longer produced errors. (By the way, my connectionstring simply contains "DSN=YAVAPAICONNECT;")My next step was to actually execute a SELECT statement which produced thefollowing error:Microsoft OLE DB Provider for ODBC Drivers error '80040e09'[Microsoft][ODBC SQL Server Driver][SQL Server]SELECT permission denied onobject 'ADMINS', database 'YAVAPAICONNECT', owner 'dbo'./nacog/admin/main.asp, line 189Why was I not surprised?I went back to Enterpise Manager, saw the all the tables had 'dbo' as theowner, and tried to give 'nacog' all the permissions at the table level, butthe error persists.To preserve my sanity I stopped there, because I spun my wheels for hoursand days the last time this happened. and my eye has not stopped twitchingsince ;)I am quite sure that this has something to do with one or all of thefollowing:1) The way SQL2K was installed (it was installed by someone else)2) My creation of the db with the windows login, rather than SQL auth, priorto import3) My creation and handling of the DSNMy background is mainly in ASP programming, and I understand bits and piecesof this puzzle, but for the life of me I cannot piece this thing together.Can anyone help point me in the right direction or suggest a good tutorial?I would be very thankful to anyone who could help put me on the right track.Best Regards,Ben M.
View 1 Replies View RelatedWe are having problems finding out how to transfer user permissions and passwords to a new server when we copy a database.
We have tried sp_helprotect and looked at system tables to try and retrieve the details to no avail.
The reason for this is that we are trying to write an application to automate this as we have many databases to transfer.
Thanks in advance.
Ian Webb
Hi,I work as an IT Administrator and part of my job role is to useEnterprise Manager and Query Analyzer to backup the logins andpermissions for each database on our SQL Servers. This information isused as a backup in the event of a server failing so we then havesomething to fall back on if we need to add the same logins/permissionsagain.This takes ages to do, as I have to manually enter all the informationinto a spreadsheet.Steps:- In Enterprise Manager I connect to a server then 'Security' tab, then'Logins'. I then enter all items into a spreadsheet.- In Query Analyzer I connect to a server then do 'sp_helpuser' to listall the permissions for each database. I then enter all informationinto a spreadsheet.I was wondering if there is such a program available on the market thatwould do this for me? I know that MS Baseline Security can show flatfile share permissions to a certain degree and was wondering if therewas a similar program out there to help me do my job easier, or ifthere is a simple way of doing this in the future...Any feedback would be greatly appreciated.Regards,Jenny
View 2 Replies View Related