One More Connection Problem-Security Issue

Sep 10, 2006

My company gave me their old Windows 2000 server. I installed my
database on it and the ODBC connection works perfectly on the server.
When I go to my client machine I go the the ODBC Connections in it and
it fails. It refuses connections and will not reply to pings. It is not
a network issue, as I can telnet to the server just fine. It's strictly
a security issue. I just have no clue where to look. Any suggestions
would be appreciated. Thanks

View 1 Replies


ADVERTISEMENT

SQL 2012 :: Persist Security Info And Integrated Security In Connection String

Dec 4, 2014

I use from sql server 2008. and c#

what is the best connectionstring?

I don't know if i use Persist Security Info and Integrated Security or not?

And if yes then their value must be true or false?

View 1 Replies View Related

SSPI Handshake Failed With Error Code 0x8009030c While Establishing A Connection With Integrated Security; The Connection Has Be

Mar 7, 2006

Hello, I have a sql 2005 server, and I am a developer, with the database on my own machine. It alwayws works for me but after some minutes the other developer cant work in the application

He got this error

Login failed for user ''. The user is not associated with a trusted SQL Server connection. [CLIENT: 192.168.1.140]

and When I see the log event after that error, it comes with another error.

SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT: 192.168.1.140]

He has IIS5 and me too.

I created a user on the domain called ASPSYS with password, then in the IIS on anonymous authentication I put that user with that password, and it works, on both machines.



and in the connection string I have.

<add key="sqlconn" value="Data Source=ESTACION15;Initial Catalog=GescomDefinitiva;Integrated Security=SSPI; Trusted_Connection=true"/>

I go to the profiler, and I see that when he browses a page, the database is accesed with user ASPSYS, but when I browse a page, the database is accesed with user SElevalencia.

Thats strange.

The only way that the other developer can work again on the project is to restart the whole machine. He has windows xp profession, I have windows 2000.

If you want me to send logs please tellme



View 20 Replies View Related

SQL Connection With VB Using NT Security?

Oct 23, 2007

I apologize for a dumb question, but where could I find an example of making a VB 6 (not .NET) connection to a SQL 2005 server using the current user's NT security properties? I don't want our users to use ODBC, nor have to hard code a SQL login. I wish to control access via their presence/absence in an active directory group. I think this means I want the VB to use the current user's NT security context to help with the connection. I will pass the server and the DB, but I do not want to pass the password. I am pretty sure there is a method for this, but I cannot find one. All my examples show a sql login and a password as part of the string.

Thanks for any pointers.

View 3 Replies View Related

FlatFile Connection And Security

Jun 24, 2005

My DTS package, deployed and run from the file system, works just fine for me, but fails when someone else runs it. The only explicit error from the dtexec command is:

View 11 Replies View Related

Trusted Connection Security Breach?

Apr 17, 2002

I have a user who has some ODBC connections that use SQL Authentication (through a generic id)to connect to SQL Server that work fine. What worries me is the user can access the same SQL Server throught NT authentication and connect through QA, EM (registering a server) or ODBC, even though she is not listed in the security of that SQL Server as a SQL user or and NT user. Worse is that she seems to have full rights to the server. I had her log in on another box and the same thing happened. I am on SQL 2000 SP1. Anyone have any ideas to is it time to call MS?

View 2 Replies View Related

SQL2K WIN2K3 CONNECTION SECURITY

Jul 23, 2005

Microsoft Security Paradigmes are Irritating. I sure they're fine onceyou know what they are, but for the uninitiated it's quitecounterintuitive to work with.I moving an old SQL Server-backend-IIS5/ASP-frontend application toservers with windows 2003 standard edition. One server will run thedatabase the other will run IIS 6.0. Note that i haven't set-up adomain, which i think requires one machine to be domain controllerwhich would decrease performance and stuff. I've simply put them on thesame group.I wan't to restrict access the sql server so only the incommingconnection from the webserver is allowed. I can use either namedpipes(which should be the fastest protocol) or tcpwhich should beslight slower than named pipes) but i seem to have a problem. If I usenamed pipes to connect the IUSR(the user under which IIS is running)must have access-rights to IPC$ share on the sql server. I can't seemto set any access-right directly for IPC$ share, but i can reactivatemy guest user and then it works, everyone can now access the ipc$ shareso it's not really what i'm looking for.I can also connect through TCP( and set up some kind of filter onlyallowing incomming connections on port 1433 from the ip of the webserver.But i don't know how to do this. I've taken a look at the IPSec stuffbut it's all about kerberos authentication and other bull which i don'tthink i need. What i need is simply a ip traffick filter, which doesnothing else but reject incomming connection from all other ip's thanmy webserver.My question is how do I do this? Do i need to have a addtitíon"firewall" service running and if so why, how much extra overhead willthis create for the server. Alternately, is it possible to change theaccess right for the IPC$ share manually?Thanks in advance for any input you might have on this?Regs Jens

View 2 Replies View Related

Connection Problems Using Standard Security

Oct 17, 2007


I have an app that queries the same SQL Server, instance and database. In one execution of the app, it makes multiple queries against the database in two different runs, each run being approx. 10 seconds apart. The app app does remote logins to the SQL Server using Standard Security. Each run makes twenty (20) connection attempts and all connection attempts between the two runs are using the same SQL account/password€¦(when successful) there is a .5 second delay between each attempt. So, here is a visual description:

Run 1
- connection attempt 1 (.5 sec delay), account1/password
- .
- .
- .
- connection attempt 20, account1/password

(10 second delay)

Run 2
- connection attempt 1 (.5 sec delay) , account1/password
- .
- .
- .
- connection attempt 20, account1/password


The problem I€™m seeing is: All connection attempts in Run 1 are successful in connecting to the SQL Server. All connection attempts in Run 2 are UNSUCCESFFUL when connecting to SQL Server (error message is €œSQL Server cannot be found or Access Denied€?). Remember, ALL connection attempts are using the same SQL account and password.

As an added note: When I switched from using SQL Standard Security to Windows Security, ALL connection attempts in each Run was successful.

Does see anything wrong with this? Is Standard SQL Security limited in the number of simultaneous connections or in some other kind of way?

View 1 Replies View Related

Sql Connection Fails With Integrated Security=SSPI

Apr 9, 2008

I am using windows impersonation in a CLR that is retrieving folder structure. In order to use impersonation I need to pass the windows credential to the SQL server so I am trying to use "integrated security=SSPI" and I also tried "integrated security=true" as well with the same result...I get the error: Login failed for user ''. The user is not associated with a trusted SQL Server connection.
The SQL Server and IIS are located in different un-trusted domain. I am however able to connect to the SQL Server using user id and password. In my web.config file:
<add name="ConnectionName1" connectionString="Data Source=IpAddress,Port#;Initial Catalog=DatabaseName;Integrated Security=true;persist security info=False; Trusted_Connection=Yes;" providerName="System.Data.SqlClient"/> à Doesn’t work
<add name="ConnectionName2" connectionString="Data Source=IpAddress,Port#;Initial Catalog=DatabaseName;uid=user;pwd=password;" providerName="System.Data.SqlClient"/> Ã WorksBased on the error message it looks like there is no user passed to the SQL server.
What am I missing? At this point I am thankful for any input…
 
 

View 5 Replies View Related

Connection To SQL Express ONLY With Integrated Security But WITHOUT Domain

Aug 16, 2005

Does anybody know if it is possible to establish a connection to an sql express instance only with integrated security when this express instance is running on XP which is NOT part of a domain?

View 1 Replies View Related

IIS Security Update Breaks VWD Default Connection Strings

Apr 27, 2008

Hi,A person from my company's IT department approached me a few days ago saying that they followed some instructions on a recent security vulnerability in IIS whereby they where told to turn impersonation off in IIS.  I'm afraid I don't know the exact procedure, but I do know that it took down all of my applications with the following error:"Failed to generate a user instance of SQL Server"I do NOT have impersonation enabled in my web.config, however all of my connection strings look like the following:<add name="myConnectionString" connectionString="Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|myDatabase.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/>From what I've read, this type of connection string, which VWD 2005 generates by default, is not the correct way to go about connecting to a database.  Could this be my problem??Thanks! 

View 1 Replies View Related

Help With Java Connection To MS SQL 2000 With Windows Integrated Security

Jul 23, 2005

Hi , I am trying to connect to MS Sql server 2000 from Java (1.4.2 /1.5 ). I installed my Sql Server(8.00.382) from the one supplied withVS.NET 2001. When I installed it on my laptop it did not ask me for auser name and password. After install when I re-started my machine Isee the server started up with a green light. Now when I connect to theserver from VS.NET it works fine. This is because VS uses windowsintegrated security. I now need to connect using Java , so I downloadedthe microsoft drivers for SQL2000-JDBC sp3 from the microsoft site. Iadded the jar files to my Java project classpath. I manage to registerthe driver in java :Class dbClass = ClassLoader.getSystemClassLoader().loadClass("com.microsoft.jdbc.sqlserver.SQLServerDriver");DriverManager.registerDriver((Driver) dbClass.newInstance() );Connection conn =DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost:1433;_integrated security=SSPI");but cannot seem to get a connection as it gives an SQLException sayingthat it is unable to connect:java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Errorestablishing socket.I cant seem to figure it out.Can some one help ??I am a newbie to sqlserver so couldnt quite figure out how to changeadmin password or create a new user with the tools provided with thisversion of sql (SQL Server Desktop Engine).Any help will be appreciated.Ebby

View 3 Replies View Related

Trouble With Flat File Connection - Possible Security Issue

Sep 10, 2007



hello. after deployment my SSIS code to a different server - I get the following error:

"The file name "C:\Documents and Settings\Administrator\Desktop\filename.txt" specified in the connection was not valid.
"

This is a flat file connection - and the file does in fact exist - but the difference is that I'm running the DTS package under a different account.

I would like to set the flat file connection to run under a different account - can I do that? Is that the "Creator" property?

View 1 Replies View Related

Are These The Correct Steps? -- Encrypted Connection String And Security

Feb 6, 2007

Hi,

Assume I have an asp.net/sql server 2000 web app in a shared hosting
environment. I then encrypt the connection string using
ProtectSection("DataProtectionConfigurationProvider") in the page load
of my default.aspx page.

Am I understanding the following concepts then correctly?

1. I upload the site to the shared hosting server.
2. The first time I run the app eg. www.whatever.com/default.aspx,
the ProtectSection method above is executed.
3. Now the conn string area of my web.config is encrypted, and
asp.net will decrypt as needed.

4. If someone were to hack the server and view the web.config --
whether via getting into the server or via ftp, they would see an
encrypted connection string.
Thanks very much!

View 1 Replies View Related

SQL Security :: Login Failed For User Null / Not Associated With Trusted Server Connection

Jun 19, 2015

Any way to find out who's causing "Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection." error in SQL Server error logs?

View 7 Replies View Related

Integrated Security Doesn't Work - Not Associated With A Trusted SQL Server Connection. Error

Oct 20, 2006

 

Hi,

I have a piece of Java code that needs to connect to SQL 2000 (SP4) using Windows Authentication. It's running on Windows Server 2003 SP1.

I tried JDBC v1.1 and followed the code from the following blog:

http://blogs.msdn.com/angelsb/default.aspx?p=1

But still get this error as shown below. Any help appreciated.

I am using JDK1.4.2, "sqljdbc_auth.dll" is located under "E:SQL2005JDBCDrvsqljdbc_1.1enuauthx86", also made a copy under "E:JavaTest" and "C:WindowsSystem32" but still won't work.

Cheers

Allan

 

===========================================================

E:JavaTest>javac -classpath ".;E:JavaTestsqljdbc.jar" TestW2.java

E:JavaTest>java -classpath ".;E:JavaTestsqljdbc.jar" -Djava.library.path=E:S
QL2005JDBCDrvsqljdbc_1.1enuauthx86  TestW2
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user '(null)'.
 Reason: Not associated with a trusted SQL Server connection.
        at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDatabaseError
(Unknown Source)
        at com.microsoft.sqlserver.jdbc.IOBuffer.processPackets(Unknown Source)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.processLogon(Unknown
 Source)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(Unknown Source
)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(Unknow
n Source)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.loginWithoutFailover
(Unknown Source)
        at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(Unknown Sour
ce)
        at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(Unknown Source)
        at java.sql.DriverManager.getConnection(Unknown Source)
        at java.sql.DriverManager.getConnection(Unknown Source)
        at TestW2.main(TestW2.java:7)
===========================================================

The code is simple (TestW2.java):

import java.sql.*;

public class TestW2 {
 public static void main(String[] args) {
  try {
   java.lang.Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
   Connection conn = java.sql.DriverManager.getConnection("jdbc:sqlserver://VMW2k3ENT003.TESTCBFPOC.COM.AU;integratedSecurity=true");
   System.out.println("Connected!");
   conn.close();

  } catch (Exception ex) {
   ex.printStackTrace();
  }
 }
}

==============================================================

View 27 Replies View Related

Code Access Security Across Multiple Assembly Security Extension

Oct 14, 2005

Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.

View 9 Replies View Related

SSRS -- Security Filter And Model Item Security Setting

Jul 31, 2007



Hi,


I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.


The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says:
Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.



For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;

in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.



My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?


The article also says:

"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."



So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.



I can only get one result at a time but not both:

either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.



Your help is highly appreciated!

Desperate developer

View 1 Replies View Related

Differance Between Persist Security Info And Integrated Security

Apr 26, 2007

hi i want to know what is the differance between  
Persist Security Info=False;Integrated Security=Yes;

View 1 Replies View Related

SQL Security :: Running Job As Windows Security Group

Oct 18, 2015

Is there any possibility to schedule SQL job execution as Windows Security Group? I need to run powershell script through SQL job with one of this group member's permissions. 

View 4 Replies View Related

Setup Of Security / Integrated Win Security On Vista

Jul 6, 2007

I have Sql Server Express installed on Vista (service pack 2)

I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.



The login ID of the service is added to the database.

The database has remote access turned on.

The ID is granted access to all databases within the server.

The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.

The dataserver is set with using Windows Authentication for security.



When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.



How to I get past this? I've done everything right.

View 1 Replies View Related

Use An Existing AD DL Security Group For Security Role

Jun 18, 2007

I want to use an Active Directory security group that is a Distribution List for a new role assignment for an existing report. Can someone tell me if this is possible? I get an error each time I try:














The user or group name <DLName> is not recognized. (rsUnknownUserName)"

View 1 Replies View Related

SQL 2K Security Baseline Or Security Checklist

Jul 20, 2005

Is there anybody out there with a MS SQL 2K Security Baseline orSecurity Checklist. Where can I get one????Thanks in advanceDavid

View 1 Replies View Related

SQL Security Events In Windows Security Log

Feb 28, 2008



Hi;

I am looking for a way to log all security related events for SQL in Windows Security Log. I am trying to use SCOM for monitoring SQL and I am looking at ways to generate alerts in my SCOM Console for specific events in SQL e.g. A table is deleted, user is modified, deleted, etc. Is this possible and if yes how do I achieve the same?

Rgds;

View 6 Replies View Related

Transport Security Vs Dialog Security

Aug 3, 2006

In an environment where there are many initaitors speaking to a central target with frowarders in between, from what i can understand this best policy is to disable encryption on the endpoints, since dialog encryption will be enforced this is all that is really required, is this correct.

If the endpoints used encryption the message would need to be encrypted and decrypted at each forwarder resulting in slower perfromance, where as dialog encryption would only encrypt at the sender and decrypt at the target, so is this the best way to go?

Secondly is it best practice to open a dialog initally and send messages over this dialog for years never ending the conversation? This way the services only have to authenticate eachother once, if there are no reboots etc that is of course.

I would think performance wise sending each message and ending the conversation each time is a much greater overhead ? So would it be best practice to keep dialogs open and keep sending messages ?

Initally when i was learning service broker i thought that one must send a message and end the dialog until the next message, but i think the other way is the best option ?

Is this correct ?

Thanx

View 1 Replies View Related

Dialogue Security Vs Transport Security

Feb 19, 2007

Hi

I'm designing a distributed application where I will have SQL Server 2005 distributed databases replicating data to my central hub which is again a SQL Server 2005 database using SQL Service Broker. Data will be sent from the central hub to the distributed sites and vice versa. I need to authenticate the communication and also secure the communication by encrypting the messages. Which security shall I use? Where do I configure the type of security being used? What is the difference between transport security Vs dialogue security - Full security model?



Thanks

View 4 Replies View Related

Cannot Set Connection Property Of Backup Database Task If Connection String Is Customized In Connection Object

Aug 23, 2006

I added a connection (ADO.NET) object by name testCon in the connection manager - I wanted to programmatically supply the connection string. So I used the "Expressions" property of the connection object and set the connectionstring to one DTS variable. The idea is to supply the connection string value to the variable - so that the connection object uses my connection string.

Then I added a "Backup Database Task" to my package with the name BkpTask. Now whenever I try to set the connection property of BkpTask to the testCon connection object, by typing testCon, it automatically gets cleared. I am not able to set the connection value.

Then after spending several hours I found that this is because I have customized the connection string in testCon. If I don't customize the connection string, I am able to enter the "testCon" value in the connection property of the BkpTask.

Is this an intrinsic issue?

View 2 Replies View Related

Failed OLEDB Connection: Cannot Aquire Connection From Connection Manager

Feb 6, 2008

I have a package that uses a for loop to iterate through an unknown amount of excel files and pull their data into a table. However, there will be cases when the file is corrupted or has some sort of problem so that either the transformation will fail or the excel data source will fail with an oledb connection error.
Could anyone suggest a clean way to trap these errors? Specifically, the "Cannot Aquire Connection from Connection Manager", which is the excel connection.

Thanks,

John T

View 3 Replies View Related

NT Security Vs SQL Server Security

Jun 19, 2000

Hi:

Can anybody tell me the advantage and disadvantage to use NT security for SQL Server 7.0? For a corporation with 400 users, what is your recommendation for the SQL Server security management. Thanks.

Joan

View 1 Replies View Related

Windows Security Vs. SQL Security

Jul 30, 2004

What's the better security to use? Currently I'm always registering using the Windows authentication. When I'm trying to register using SQL authentication I always get "Login failed for user 'sa'" error....

View 1 Replies View Related

Connection Strings, Trusted-connection VS Username-password, SQL Server 2005 Express

Mar 9, 2007

All --
Please help.
I have some questions about connection strings.
 
BACKGROUND...

Note that I am using the "SQL Native Client OLE DB Provider", SQL Sever 2005 Express, ASP.NET, C#.NET, and VS.NET 2005.
Note that I do not want to use the "Attach a database file" type of connection string.
Note that I am using the site http://www.ConnectionStrings.com as a reference.
Note that this "Standard security" connection string...<add name="LocalSqlServer" connectionString="Server=MYTESTOFFICESERVERS;Database=MyDatabase;Uid=MyDatabaseUser;Pwd=MyDatabasePassword;" />...does not work and causes the following run-time error...A connection was successfully established with the server, but then an error occurred during the login process. (provider: Shared Memory Provider, error: 0 - No process is on the other end of the pipe.)
Note that this "Trusted connection" connection string...<add name="LocalSqlServer" connectionString="Server=MYTESTOFFICESERVERS;Database=MyDatabase;Trusted_Connection=yes;" />...works but is less-than ideal because it uses a Trusted Connection rather than a Username/Password combination.
 
QUESTIONS...
(A) What exactly does the error in Item 4 mean?
(B) Do 4 and 5 imply that one must use a Trusted_Connection for all SQL Server 2005 Express connection strings when the database does not reside in the web application's App_Data folder or use a "Attach a database file" type of connection string?
(C) Are there any alternatives?
(D) What do you suggest?
 
Please advise.
Thank you.
-- Mark Kamoski

View 1 Replies View Related

SSIS Project Failing To Run Even Though I Verified Remote Sybase Connection Via Connection Manager

Apr 7, 2008



When running the project in debug mode or non-debug mode, I get the following error from MS Visual Studio:

TITLE: Package Validation Error
------------------------------
Package Validation Error
------------------------------
ADDITIONAL INFORMATION:
Error at Package [Connection manager "SYBASE_CONNECTION"]: The connection manager failed to defect from the transaction.
(Microsoft.DataTransformationServices.VsIntegration)
------------------------------
BUTTONS:
OK
------------------------------

Any ideas???

View 8 Replies View Related

SQL Connection In Vista With Trusted Connection Fails Under Local System Account Until Reboot

Mar 4, 2008

Hi All,

We are using the Windows Task Scheduler as a substitute for the SQL Server Agent, which isn't available in the Express edition. The scheduled task just calls a batch file, which in turn, runs a stored procedure using osql with the -E option for a Trusted Connection.

SQL Server Express has been installed using the defaults, which means the service is running in the "NT AUTHORITYNETWORK SERVICE" account. The scheduled task we create is set to run using the "NT AUTHORITYSYSTEM" account.

Now we find that on Windows Vista (tested using Ultimate Edition) that the scheduled task fails to run the stored procedure until the machine is rebooted the first time after installing SQL Server Express. When I say "fail", I mean that the stored procedure isn't executed. The scheduled task however completes and reports no errors. On Windows XP, we do not run into this problem so I suspect it has something to do with the UAC in Vista?

We further found that after installing SQL Server Express and creating the scheduled task in the "NT AUTHORITYNETWORK SERVICE" account, the scheduled task (and stored procedure) runs fine WITHOUT requiring a reboot.

Can anyone explain why a reboot is needed to get SQL Server Express to run the scheduled task correctly under Windows Vista and the SYSTEM account?

Any help or thoughts greatly appreciated.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved