I was reading though my logs and noticed I had three instances of an anonymous logon last night. The last anonymous logon was at approx midnight. This is prime hacking time.
Can anyone give me direction on issues or concerns with anonymous logons.
Much thanks in advance ....
I have come across this error message in ssrs and cannot seem to locate the error. Report manager lets me logon-- I can navigate to the folder but once I click on the actual report I get this error
and suggestions as to why and how to fix it???
Thanks in advance
Hi all
I've got the following situation:
setup up an merge publication (distributor and publisher at the same server)
setup an anonymous subscription
deleted the subscription
In the replication monitor, I still see the deleted subscription.
Why?
And how do I get rid of it?
Thanks a lot for any informations and greetz
Aline
How do you set up a SQL server to allow anonymous access from a website? I am using asp for a web site and keep getting this error:
Error Type:
Microsoft OLE DB Provider for ODBC Drivers (0x80040E4D)
[Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITYANONYMOUS LOGON'
I am new to SQL server so any help no matter how obvious would be appreciated
Thanks
We're getting a barrage of Windows Authenticated login attempts that are using the Anonymous login on one of our client's production servers. This smells to me of a service gone awry.
The login attempts originate from a server that is hosting some Quest Software applications, specifically their Performance Analysis tool. This machine has been well behaved until this morning, but it has been issuing around ten failed login attempts an hour.
The problem that it causing me pain at the moment is that the client has not renewed their Quest support yet because of a merger, so their contract recently expired. Does anyone have any insight into what might cause a normally well behaved app/server to go mildly berzerk exactly ten days after the support contract expires?
-PatP
Hi
I have a web sync merge publication with multiple anonymous subscribers. Unfortunately two of the subscribers have experienced errors as follows.
###############################################
The Merge Agent failed after detecting that retention-based metadata cleanup has deleted metadata at the Subscriber for changes not yet sent to the Publisher. You must reinitialize the subscription (without upload). (Source: MSSQL_REPL, Error number: MSSQL_REPL-2147199401)
###############################################
Now they successfully sync'd within the retention period so I am baffled as to why the cleanup has occured. Unfortunately I can't seem to find a way to reinitialize just a single subscriber. It seems that the only reinitialize option is across all subscribers, which I do not wish to do as they would loose any changes since last sync.
Can anyone shed any light on this.
Cheers
Rab
Hi all,
The problem is: when you're trying to call in method MyMethod anonymous method that doesn't use local variables, deployment of the assembly will fail referring that MyMethod tries to store smth. in the static variable. Indeed, looking at the compiled CLR code, you can see that anonymous delegate is cached in the private static delegate and the call looks like:
If(ClassName.privateStaticDelegate == null)
ClassName.privateStaticDelegate = new MyDelegate(HiddenMethodName);
CallAnonymousMethod(ClassName.privateStaticDelegate);
Is there any workaround to fix this problem.
P.S. I googled about this problem and found only one article on it:
http://www.ayende.com/Blog/default,date,2005-12-26.aspx
Hello,
I tried to use REPLMERG utility for Web synchronization and got the following error message in log file:
2007-03-23 14:35:10.484 The subscription to publication 'X' could not be verified. Ensure that all Merge Agent command line parameters are specified correctly and that the subscription is correctly configured. If the Publisher no longer has information about this subscription, drop and recreate the subscription.
The case description is as the following:
REPLMERG utility command line:
"C:Program FilesMicrosoft SQL Server90COMREPLMERG.EXE" -ExchangeType 3 -Publication X -
Publisher B01 -Subscriber 127.0.0.1SQLEXPRESS -Distributor B01 -PublisherDB DBS -
SubscriberDB DBS -PublisherSecurityMode 1 -Output C:TempDBS.log -OutputVerboseLevel 2 -
SubscriberSecurityMode 0 -SubscriberLogin Operator -SubscriberPassword XXX -
SubscriptionType 2 -DistributorSecurityMode 1 -Validate 3 -InternetURL
https://www.company.com/Synch/replisapi.dll -InternetSecurityMode 0 -InternetLogin USER1 -
InternetPassword PWD1 -SubscriberType 0
The subscription to the publication X has been created with the following T-SQL script:
USE DBS
EXEC sp_addmergepullsubscription
@publisher = N'B01',
@publication = N'X',
@publisher_db = N'DBS',
@subscriber_type = N'anonymous',
@sync_type = N'automatic',
@subscription_priority = 0.0;
I've also tried to check subscription information on the server 127.0.0.1SQLEXPRESS using the following:
sp_helpsubscription_properties N'B01', N'DBS', N'X'
but the result set is empty. When I run sp_helpsubscription_properties
I get the same empty result. But the subcription is anonymous and when I synchronize it using RMO - it works.
Could you please advice what could cause the problem?
Thank you.
Alexander.
In remote processing mode, I am receiving the following error when I view a report in the browser: HTTP status 401: Unauthorized.
I have SQL server 2005, Microsoft Internet Information Services (IIS) 6.0 , Windows Server 2003 running on a virtual PC.
I am using Visual Studio 2008 to create a webpage with a reportviewer.
We are using Windows Integrated Security. How do I provide anonymous access to the report viewer?
Hi,
I'm trying to force an anonymous subscription to re-intialize on it's next sync attempt. I can do this from the subscriber no problems, and from the publisher using 'Re-initalize All Subscriptions', but I can't seem to re-intialize only a single subscription from the publisher.
To do this I'm trying to execute sp_reinitmergesubscription using the subscriber details found in the sysmergesubscriptions table. This executes ok and when the subscriber starts to sync it does try to re-initialize starting with generating a new snapshot, but after processing for a while it throws the following error messages:
Error messages:
The merge process could not allocate memory for an operation; your system may be running low on virtual memory. Restart the Merge Agent. (Source: MSSQL_REPL, Error number: MSSQL_REPL-2147198720)
Get help: http://help/MSSQL_REPL-2147198720
An error occurred while reading the .bcp data file for the 'CDP_TableDates' article. If the .bcp file is corrupt, you must regenerate the snapshot before initializing the Subscriber. (Source: MSSQL_REPL, Error number: MSSQL_REPL-2147199428)
Get help: http://help/MSSQL_REPL-2147199428
The merge process was unable to deliver the snapshot to the Subscriber. If using Web synchronization, the merge process may have been unable to create or write to the message file. When troubleshooting, restart the synchronization with verbose history logging and specify an output file to which to write. (Source: MSSQL_REPL, Error number: MSSQL_REPL-2147201001)
There doesn't appear to be any shortage of memory on the server. There is no problem regenerating the snapshot from the publisher, and there's no problem with syncing through the web using delta syncs or re-initializing from the subscriber, so I can't see any obvious cause from those error messages.
I'm using SQL Server 2005 SP2 on the publisher, and SQL ServerCE 3.1 on the subscriber.
Any ideas or alternatives?
Cheers
Hi there,
I created reports and deployed successfully. but one problem i am facing is when i am opening the browser to see reports, it is asking for credentials..
But i want to show these reports for anonymous users
Is there any way to show reports for anonymous users? If yes, what is the process. please refer me any articles.
please help me out.
thanks
praveen.
Greetings,
I have a set of reports that should be accessible to any user on our network. Those reports are located in a single folder in SSRS. I would like to configure security to allow anyone to see the reports in that folder. Is there a way to do this?
I do have other folders where I am using security so I do not want to open up system-wide access to all reports.
Thank you for your ideas.
Rob
Hi,
I read the BOL on how the publisher will had out identity ranges to subscribers, but it was not clear if this was also the case for anonymous subscribers. Will merge replication with identity columns work with anonymous subscribers that sync via HTTPS?
Thanks,
Darrell Young
I am trying to execute oracle procedure (anonymous block) with input and output parameters from ms sql code and return 2 values back:a number and a string.I am using **EXEC() AT** to execute oracle code and return a string back to ms sql. It works fine when returning numbers, but if I add a string output parameter, I am receiving an error:Msg 0, Level 11, State 0, Line 0...A severe error occurred on the current command. The results, if any, should be discarded.
The server log has the following entry in exception.txt:
Exception 0xc0000005 EXCEPTION_ACCESS_VIOLATION reading address 00000005031C07E0 at 0x0000000070F9C183
There is also a SQLDump file generated:
* BEGIN STACK DUMP:
* 10/28/15 12:45:38 spid 63
* Exception Address = 000000005040C183 Module(MSVCR100+000000000003C183)
[code]....
It looks like the problem is in passing varchar2 from oracle into ms sql. I had logging code in oracle block, and it works fine. I have found a few examples of using **exec() at** but there is always only integer output passed back.
Hi
We are using HTTPS merge replication
Our setup is as follows:
subscription.CreateSyncAgentByDefault = False -- I wrote a windows service to synchronise
subscription.UseWebSynchronization = True
subscription.InternetSecurityMode = AuthenticationMethod.BasicAuthentication
subscription.SubscriberType = MergeSubscriberType.Anonymous
Some of our subscribers have low-quality internet connections - how do I get the agent at the publisher/distributer use a slower profile - I've read How to: Work with Replication Agent Profiles (Replication Transact-SQL Programming)
but can't see where you specifiy an alternate agent profile
On the distributer / publisher (same machine) I go to replication monitor -> Warnings and Agents - I can only set the profile for the snapshot agent....
thanks
Bruce
Dear all,
Basically I want to set chain up the rights so that the anonymous web user IUSR_ .. can execute the new .NET subs, functions etc in the assembly, just as the anonymous web user can execute Stored Procedures when granted. In this way, it should be possible to call the .NET assembly just as classic stored procedures from ASP/ASP.NET.
I have written a .NET function which I can successfully execute if I log on to the database as an administrator by sending this T-SQL query; it returns the result of a given string:
select dbo.CLRHTMLString('abc')
The scenario is now to try to grant access to this assembly for a different role (webuser), which the classic IUSR_MYSERVERNAME is a login of, so that I can call the .NET Assembly when I am authenticated as the anonymous web user (e.g. via ASP, etc.).
To test access, I created a login (webusertest) for a user (webusertest) in the same role (webuser) on the database. But when I use this login, which supposedly has the same rights as the IUSR_, execution right is denied:
EXECUTE permission denied on object 'CLRHTMLString', database 'adt_db', schema 'dbo'.
Note: The 'webuser' database role has Execute permission on the Assembly.
I have also tested this from my actual web page, with the following results:
(1) IUSR_MYSERVER member of db_owner role: Web page has right to call assembly.
(2) IUSR_MYSERVER not member of db_owner role: Web page does not have right to call assembly.
Further test results:
(3) Function can be called when making the user "webusertest" member of the "db_owner" role, which is too much rights to grant for the anonymous web user.
(4) When adding the user 'webusertest' to get 'Execute' permissions on the assembly, it does not get added. After clicking OK, there is no warning message, but when opening the Assembly Properties -> Permission dialog box the same time, the 'webusertest' user does not appear in the list.
Thankful for any advice on this matter.
Dear SQL Server Reporting Services gurus,
Before I begin describing our problem, let me first start off with a description of our environment and current configuration.
Background/Configuration Specs
We have SQL Server Reporting Services running on a Microsoft Windows Server 2003, Standard Edition, Service Pack 1 server. It is configured so that the Reports and ReportServer virtual directories run under a sql server domain account.
The datasets for our reports are xml datasets returned from calling a web service on a second IIS server, Microsoft Windows Server 2003, Standard Edition, Service Pack 1. The web service runs under a service account and is not set to impersonate the user. The web service contacts a database located on the same server as reporting services to retrieve the data. So, it should receive the request, login to the database it is trying to access using the service account, and return the dataset.
We are programatically accessing reports via a client application, specifying the virtual directory via the reportserver url (e.g. http:\hostname\reportserver\virtual directory path\report name).
Kerberos is enabled on both the sql box and the iis box with constrained delegation allow the sql account access to the iis box.
Problem
When I try to browse to the report from Report Manager in IE, (http:\hostname\Reports\...etc) I am able to successfully view the report.
When I try to view the report in the client app, (http:\hostname\reportserver\...etc.) the report fails.
Looking at the iis logs, it appears that in the first case, the web service is receiving the request from the sql server domain account. In the second case, it appears that the web service is receiving the request from an anonymous login.
Questions
What exactly is the difference between rendering/viewing a report via ReportManager versus programatically via ReportServer?
Is there any configuration we need to be aware of when configuring ReportServer?
Any help you can provide would be very much appreciated.
Thanks,
prettybrneyes81
We have an application that requires write settings to reportserver virtual directory for the IUSR account when anonymous is turned on during the install. Once the install is complete, we lock down the IUSR account so that it only has browse access to the virtual directory when enabling anonymous access.
We automate the uninstall and install of our daily builds and I'm trying to figure out if I can automated this process somehow either through command line utility or in vbs.
Your help is greatly appreciated...
Eric
HelloI am getting this err msg when trying to logon to my website on the web - on my machine there is no prob, An error occurred while established a connection to the server.When connection to Sql.S 2005, this failure may be caused by the fact thatunder the default settings sql.s doesn't allow remote connection.(provider :Sql.S Network interface, error:26- Error Location Server/Interface Specified)(the files path is like in the web host s)
View 2 Replies View RelatedWhen attempting to logon to the SQL server using ODBC, Windows NT workstations get the following error code:
Connection Failed:
SQLState:`01000`
SQL Server Error:1326
...
Windows `95 stations can log on fine.
Any suggestions? Thank you in advance.
Is there a sp or an easy way to move logons from SQL6.5 to 7.0?
Thanks,
Kevin
Greetings,
After upgrading a SQL 7.0 WINNT 4.0 SP5 box to Windows 2000 SP1, SQL 2000 configuration I am getting the following error when some users try to connect to the server using Enterprise Manager;
"A connection could not be established to 'SERVERNAME'. Reason: Login failed for user 'NT AUTHORITYANONYMOUS LOGON'"
After doing some troubleshooting, I have found that this only occurs when I have the services started with a domain service account (this account is part of the domain admin global group and is a System Administrator in SQL as well) and it does not occur when the services are started with the System Account. Additionally, it also appears that this only occurs for some users and not all. However, these same users that are having problems on this server, can connect to other Database Servers using the "same" configuration.
Has anyone seen this. I have searched TechNet and found nothing that applies directly to this error. Any help that could be provided would be greatly appreciated.
I just started at a new company. The security stinks, everyone logs into the servers as sa (including many applications). I am taking steps to tighten security and restrict access to the sa login. I would like to capture some additional information at logon as an interim measure.
Can anyone assist me in automatically recording the following:
Host Name / IP Address
Login time
I realize I could periodically run an sp_who2 and capture the results - I also realize that if I turn on auditing, the logon will be written to the SQL Srvr LOG - I'm looking for an elegant / low impact way to capture the logon and host information.
Thanks in advance for any help.
Scott Wright
Hi and thanks in advance :)
I was playing around with logins and windows groups and did the following:
Created windows group on my local computer called SQLAdmins.
Added my domain user to this SQLAdmins group.
Added SQLAdmins as a windows login on my local sqlserver instance.
Tried to login with my domain user but get "can't login..." message.
Is there something simple I'm not seeing?
thanks!
Hi,
we had a Problem that a colleague can't connect the SQL-Server on one server.
We use the VSTS 2005 and SQL Server 2005. He is trying to build a ne connection to the virtual maschine with his windows account and got the following message
Login Faild for User ''. The user is not associated with a trusted SQL Server connection.
He is user on the database and the server. he has dbowner rightson the database he tryed to connect.
How we can fix this Problem.
Thanks
Thomas
I read a lot of artical but didn;t find a solutio to this problem.
I have Windows 2003 SP1 install Reporting services 2005
I have other Windows 2003 SP1 server with SQL 2005 database.
I set kerberos delegetion control on the server in the AD
I also run the command
cscript adsutil.vbs set w3svc/1/root/NTAuthenticationProviders "Negotiate,NTLM"
on reporting services server but still getting this error message.
Any help ????
w3wp!processing!7!8/30/2006-00:00:01:: e ERROR: Throwing Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Cannot create a connection to data source 'MyDB'., ;
Info: Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Cannot create a connection to data source 'MyDB'. ---> System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITYANONYMOUS LOGON'.
im creating a database for a product catalog. im using xp pro. im trying toc create a new database. heres my problem.
1. theres a red x next to the cylinder of the server (in visual studio.net ) is this a problem? how do i fix it?
2. when i try to connect to the sql server i get this error [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.
3. what code do you i use to add a user and in what file, so i can connect to the server and create this database, once I can do that, I can develop the rest of this e-commerce site. Thanks so much!!
Tried using webmatrix code builder to simply bind a web grid to a sql table.
Works great in WEbMatrix, but when I move the code to Visual Studio.VB,
I get a logon error when the code is run.
Any Help is Greatly Appreciated... I am stuck.....
Here is the code:
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
DataGrid1.DataSource = GetCustomers()
DataGrid1.DataBind()
End Sub
Private Function GetCustomers() As System.Data.SqlClient.SqlDataReader
Dim connectionString As String = "server='localhost'; trusted_connection=true; Database='ASPExamples'"
Dim sqlConnection As System.Data.SqlClient.SqlConnection = New System.Data.SqlClient.SqlConnection(connectionString)
Dim queryString As String = "SELECT [Customers].* FROM [Customers]"
Dim sqlCommand As System.Data.SqlClient.SqlCommand = New System.Data.SqlClient.SqlCommand(queryString, sqlConnection)
sqlConnection.Open()
Dim dataReader As System.Data.SqlClient.SqlDataReader = sqlCommand.ExecuteReader(System.Data.CommandBehavior.CloseConnection)
Return dataReader
End Function
End Class
Hi All,
I'm using iis 4.0 with nt security to validate users. I'm trying to only pass the nt logon to sql and use
it as a filter when selecting records. I'm looking in the odbc driver and striking out there. What
variable is the logon assigned to so that I can construct it in the sql query???? How is this
done???
Direct email would be great!
Thanks
Mike
mgetlik@notes.cc.bellcore.com
HiOracle 8.1.7.4Hp Unix 11Application run peoplesoftLogon_time from v$session shows Friday Jan 3.The database was haltedon Saturday Jan 4.What is logon_time supposed to represent.All inquiries so far does notindicateThanks for your inputVincento
View 2 Replies View RelatedMy company is apparently performing some sort of security test on our SQL Servers by sending malformed packets to it, which results in SQL Server throwing a Severity 20 error and resulting in my butt being paged every night at around 3 AM. As you can imagine, this ticks me off, but they refuse to stop this test. The [edited] error text from the SQL Log is as follows:
Source Logon
Message
Length specified in network packet payload did not match number of bytes read; the connection has been closed. Please contact the vendor of the client library. [CLIENT: 1.2.3.4]
Source Logon
Message
Error: 17836, Severity: 20, State: 1.
Is there a way to completely block a specific IP from attaching to SQL Server? Someone please let me have a complete night's sleep!
Brandon
Hi,
I am writing a web application in c# that is attempting to get the parameters from a report on a Reporting Services 2005 server.
I am using the following code:
SQLReportViewer.ServerReport.ReportServerCredentials = new ReportCredentials(UserName, UserPassword, UserDomain); SQLReportViewer.ServerReport.ReportPath = Rpt.FileName; SQLReportViewer.ServerReport.ReportServerUrl = new Uri(ServerUrl); Parameters = SQLReportViewer.ServerReport.GetParameters();
The Getparameters Line causes the following exception:
Microsoft.Reporting.WebForms.ReportServerException was unhandled by user code Message="Logon failed. (rsLogonFailed)" Source="Microsoft.ReportViewer.WebForms" ErrorCode="rsLogonFailed" StackTrace: at Microsoft.Reporting.WebForms.ServerReport.get_Service() at Microsoft.Reporting.WebForms.ServerReport.GetExecutionInfo() at Microsoft.Reporting.WebForms.ServerReport.GetParameters()
The UserName, UserPassword and UserDomain variables are all populated with correct data, as is Rpt.FileName.
The ReportCredentials class is a very simple implementation of the ICredentials interface - Code shown here:
-->
public class ReportCredentials : IReportServerCredentials { protected string _UserName, _Password, _Domain; public ReportCredentials(string UserName, string Password, string Domain) { _UserName = UserName; _Password = Password; _Domain = Domain; } //***************************************************************** public bool GetFormsCredentials (out System.Net.Cookie AuthCookie, out string UserName, out string Password, out string Authority) { UserName = _UserName; Password = _Password; Authority = _Domain; AuthCookie = null; return (true); } //***************************************************************** public System.Security.Principal.WindowsIdentity ImpersonationUser { get { return (null); } } //***************************************************************** public ICredentials NetworkCredentials { get{ return (new NetworkCredential(_UserName, _Password, _Domain)); } }
<--
I can use the same credentials to retrieve a list of reports from the report server (the report I am trying to access is in that list) and to log on directly by going to the URL of Reporting Services.
This is made more frustrating by the complete lack of detail in the error message, as it does not say why the logon failed, or give me a single clue about what is going on.
Has anyone seen this before and can tell me how to fix it, or is there something stupid in my code?
Thankyou.
Paul
Hi there!
Well this problem it's really driving me nuts!!!
I am using a CrystalReportViewer on a windows application which has an embedded report document...
The report (and the application too) is connected to an SQL Express server which is installed on an MS Small Bussines Server.
The server and the terminal PCs are under the same domain.
The app works flawlessly on the terminals, but when I open the form which contains the report I get prompted for logon to the SQL.. I have tried everything but it refuses to connect and i get a msg box : Logon failed.Please try again.
The sql surface area and the database have been configured to accept remote connections and mixed mode authentication (otherwise my app dosen't run at all), i have created sysadmin users(on the SQL), i have turned off the firewall but it is still refuses to connect.
I would like to mention that I have tested my app on my domain and SBS (I am not sure which version of SQL Server is installed) and I have used the develpment machine for the test. The logon is successful, even with the same account which the application connects (i mean the account included in the connection string)
Any ideas????
I appreciate your time,
thank you very much in advance...