SQL SERVER ACCOUNT
Feb 20, 2008How can I find out what account sql server is running under?
View 2 Replies
ADVERTISEMENT
SA Account (DBA System Account) Granting Priveleges But SQL Server 2000 Not Applying Them
Dec 4, 2006I have been running a script in SQL Server 2000 as sa also as a Active Directory user who has administrator rights (I tested both approaches SQL Server then Windows Authentication) in Query Analyser which grants execute rights to the stored procedures within the database instance and Query Analyser does not give any errors when I run the script. I have made sure that each transaction has a go after it. I then return to Enterprise Manager, check the rights (I apply them to roles so that when we create another SQL Server user we just grant him/her rights to the role) and discover that the role has not been granted the rights. I seems to be occurring only with 2 of the procedures. Is there a known bug that might be causing this?
yours sincerely
Craig Hoy
Whether To Use Local System Account Or Domain Account For Service Account
Jan 5, 2006During install of SQL Server 2005, we can of course use a domain account or the built-in system account for running the services. I lean toward domain for obvious reaons but would like to know a +/- to each option and why I'd choose one over the other and what consequences or limitations one may encounter if I choose one over the other.
View 6 Replies View RelatedDTS Fails As A Job With Service Startup Account As "System Account"
May 9, 2002I have several DTS jobs that runs well as a job with my nt login account for the SQL agent service startup account, but if I use the System account
they fail with this error.
" Error opening datafile: Access is denied. Error source: Microsoft Data Transformation Services Flat File Rowset Provider"
The data has change access to the System account under the NT security.
Thank you in advanced.
Jorge
Xp_cmdshell Does Not Execute For Non-sysadmin Account Even With Proxy Account
Mar 2, 2004Hi all, i hope you can help me.
Basically a dts package has been setup that pulls in data from another companies server, this data requires to be on-demand i.e individual users can pull in updates of the data when they require it.
I am using xp_cmdshell and dtsrun to pull in the data. This obviouly works fine for me as i am a member of sysadmin.
Books online quotes " SQL Server Agent proxy accounts allow SQL Server users who do not belong to the sysadmin fixed server role to execute xp_cmdshell"
So i went to the SQL Server Agent Properties 'Job System' tab and unchecked 'Non-sysadmin job step proxy account' and entered a proxy account.
The proxy account has been setup as a Windows user with local administrator privilages and even a member of the sysadmin server role - just in case.
Now when i log onto the db with my test account - a non-sysadmin - and attempt to run the stored proc to import the data i recieved the message 'EXECUTE permission denied on object 'xp_cmdshell', database 'master', owner 'dbo' '
hmm... so basically i have either misunderstood BoL or there is something not quite right in my setup.
I have search the net for a few days now and yet i can find no solution.
Can anyone help?
Domain Account Vs Local Account For SQLServerAgent
Jul 20, 2005Hi there,BOL notes that in order for replication agents to run properly, theSQLServerAgent must run as a domain account which has privledges to loginto the other machines involved in replication (under "SecurityConsiderations" and elsewhere). This makes sense; however, I waswondering if there were any repercussions to using duplicate localaccounts to establish replication where a domain was not available.Anotherwords, create a local windows account "johndoe" on both machines(with the same password), grant that account access to SQL Server onboth machines, and then have SQL Server Agent run as "johndoe" on bothmachines. I do not feel this is an ideal solution but I havecircumstances under which I may not have a domain available; mypreliminary tests seem to work.Also, are there any similar considerations regarding the MSSQLSERVERservice, or can I always leave that as local system?Dave
View 1 Replies View RelatedDomain Account Without A SQL Login Account
Apr 25, 2007I have a situation that I have discovered in our QA database that I need to resolve. When I looked at the Activity Monitor for our server, I discovered that a process is running under a domain user account for one of our .Net applications. The problem is that that domain user account has not been created as a SQL login account on the server. I am trying to figure out how someone can log in to the database server with a domain user account that has not been added to SQL Server as a login account.
Does anyone have any insight on this? I don't like the idea of someone being able to create domain account that can access the database without me granting them specific access.
- Larry
SQL Security :: What Windows Account Used Server Login To Access Server
May 14, 2015If we have a "pool" SQL login, a one that uses SQL Server authentication, and this login is used by different domain account to access SQL Server, is there a way to audit which domain account used that "pool" login to do something on a object in SQL Server? I have to keep this way of accessing SQL Server, so how to create a login for every domain account accesses SQL Server
View 7 Replies View RelatedUsing Windows Account To Log On To Sql Server
Sep 15, 2002hey,
i am currently trying to connect to sql server with one of the windows user accounts. I am trying to connect to it via a browser using a dns-less connection. I have put in all the correct user name and password details and it comes back with Login failed for user xxxxxxx.
If i create a user in sql server and put those login details in, it works fine.
Can i use windows users with a dns-less connection???
SQL Server Start Up Account
Oct 19, 2006I wanted to make SQL Server starts up with a certain user account.
But when I entered a user account and password, a message appeared saying something like "user account and Security ID have no mapping......If you choose to proceed, SQL Server might not be able to start up".
Does anybody know how to fix this ?
Thanks in advance.
SQL Server 2012 :: How To Run A Job Using Different Account
Jul 21, 2014I have a job that needs to execute with different account. I figured i need a proxy so i have created one.Now i need to configure a job that runs a store procedure using that proxy account.
View 3 Replies View RelatedSQL Server Service Account
Jul 20, 2005SqlServer2k is on the domain serverSqlServer2k is on a laptop tooI want to copy a database from the domain to the laptop over the networkusing the copy database wizard.I have done this before with no problem but this time I get thefollowing error:Your SQL Server Service is running under the local system account. Youneed to change your SQL Server Service account to have the rights tocopy files over the network.I went into the properties of MSSQLSERVER under Services andApplications and see no setting described.Where do manage the SQL Server Service?*** Sent via Developersdex http://www.developersdex.com ***Don't just participate in USENET...get rewarded for it!
View 3 Replies View RelatedWhat Is The Account That The SQL Server Is Running Under?
Jul 10, 2006Hello,
I need to allow SQL server 2005 to open a file in a shared directory. Any assistance or help will be greatly appreciated!
SQL Server 2005 Sa Account
Apr 21, 2006hi ,
i have a problem :)
my sql server 2005 is instaled on windows xp machine ( i have only remote connection on this computer ) , i made mistake and delete my account on sqlserver it was a admin account , the problem now is i cant log on sqlserver enymore becuse sa account is disabled.
What cann i do now ?
Proxy Account - SQL Server
Jan 2, 2008Hello,
I'm having trouble setting up PROXY account. I follow the documentation, and Under Credentials, I can only select Operator. Is there a way to select any account under Security?
Your help is appreciated!
Aspnet Account And Sql Server 2005
Nov 29, 2006can anyone give me step by step instructions as to how I would go about correctly granting the aspnet account access to my sql server 2005 database ??
As far as I can see Ive set it up, but im getting execute permissions errors on stored procedures even though Ive gone into properties and permissions and added the aspnet account with execute permissions.
Need Advice On SQL Server Account To Use For My ASP.NET Application
Jun 23, 2004Hi,
I know it's bad to use the built-in SA account to access SQL Server from my ASP.NET application.
I did some reading but would like some suggestions as well. One article I read talked about Application roles in SQL Server. Is this the best way to handle SQL Server access for read/write/update/delete privileges from an ASP.NET application?
If this is the way to go, how do I set it up? Can anyone suggest a good web site to read up on this?
What Account Runs SQL Server Service?
Sep 18, 2001We are debating whether to run the SQL Server service as Local System, a domain user without local admin rights, or a domain user with local admin rights. MSDN recommends local admin rights, but doesn't require them.
I would like to get some idea of how the real world handles this. If you run as a local admin, how do you handle the security implications? And if you run without local admin rights, what gotchas have you run into with extended stored procs, replication, etc?
Thanks,
Jerry Ratner
Changing The SQL Server Service Account
May 4, 2004I have a SQL 2000 (SP3) running on a Windows NT 4.0 (SP6) box used in our test environment. The SQL Server was configured to run under the local system account before I got here. In an effort to standardize things, I tried changing the SQL Service account to run under a designated domain user account purpose built for the job. We use this particular account for all of our new-build servers (which are W2K). This domain account is configured to be a "Power User" on the NT 4.0 Server in question.
Soon after changing things over to run under the new account, all the developers complained that they could no longer connect to the server. I could through QA and EM, but none of the developers could.
The developers are using WebLogic and JDBC drivers for the most part. I wasn't aware that the SQL Server service account affected client connectivity. Was I wrong or is there something else at work here?
Thanks,
hmscott
SQL Server Agent - Account Privileges.
Aug 28, 2007Hi all,
Please let me know what specific privileges an user account needs to be used as LOG ON AS account for SQL Server Agent in SQL Server 2005.
Does the account needs to me in the domain administrator group?
Thanks,
Hariarul
SQL Server Service Account Questions
Sep 13, 2007I have recently installed 2005 Standard and 2005 Reporting Services (on a separate server), today we built a service account for the SQL services in Active Directory. I planned to use SQL Configuration tools to change the account but it fails with the message:
'No mapping between account names and security IDs was done'
I ended up going through and following the manual steps outlined in KB article 283811 - http://support.microsoft.com/default.aspx?scid=kb;en-us;Q283811
But I am baffled and concerned as to why it failed.
Any advice?
Future guru in the making.
Sys Admin Cant Access SQL Server. Only SA Account Can?
Jul 20, 2005Hi All hope you can help.I have a SQL 2k Standard Ed. SP3 server that is in mixed securitymode.I have logged into EM with the sa account.Then added a Active Directory group (i.e. DomainDBAdmins) to theSystem Administrators for that server.When I try and modify the SQL server registration in EM to use trustedauthentication instead of sa I get a connection failed. Any ideas?Thanks,
View 3 Replies View RelatedSQL Server Performance Varies By NT Account
Jul 20, 2005If I have two NT accounts and performance using one account is prettyawful what might be the most likely reasons for the difference inperformance?We're talking about a few hundred thousand rows being returned from aSELECT statement within a stored procedure with a few INNER JOINS.
View 4 Replies View RelatedCannot Get SQL Server Agent To Start Using New Account... Why?
Feb 28, 2007Well, this is very confusing.
I have 2 servers that are members of the same AD Domain.
I need an account that can login to either one, but needs to be able to start a service, which my network admin says a local domain administrator cannot do.
So, I just decided to create an account with the same name, properties and password on both machines.
This I did. The account is a member of local Windows Administrator group on each server. Additionally, it is an SQL account on the SQL Server local instance, and a member of the SysAdmin group.
I can assign this account to SQL Server as the startup account (Log in with this account). That works fine.
However, when I assign this account to SQL Server, then SQL Server Agent quits running. So I try to assign this same account to this service and I get an error that the account 'Unknown' cannot login and needs to be a member of the SysAdmin group!??
This is a completely confusing error message since the account is a Windows Admin, SQL Server SysAdmin account and can start SQL Server fine without a hitch.
Anyone else having this very annoying problem ?!
SQL Server Agent - Start Up Account.
Aug 28, 2007Hi all,
Please let me know what specific privileges an user account needs to be used as a LOG ON AS account for SQL Server Agent in SQL Server 2005.
Does the account needs to me in the domain administrator group?
Thanks,
DBLearner
SQL Server Express SP2 Disabling SA Account
Apr 16, 2007I recently updated a default instance of SQL Express to Service Pack 2. When I tried to attach my database I got an error "Login failed for user SA. The user is not associated with a trusted SQL server connection".
I found that my SA account for the instance was locked out. I unlocked it and everything worked again.
This happened to my on two different PC's using a default instance of SQL Express. Does anybody know why SA is being locked out? Thanks in advance.
Changing SQL Server Service Account
May 31, 2006Guys,
I have got WINDOWS 2000 Advanced Server and MS SQL SERVER 7.0 running on my live server. Now when we are planning for replication, we have found that SQL server will require to run under a domain account. At the moment there are so many ASP pages running on our server accesses different databases created using SQL server 7.0. Most of them are DSN connections to the database. Now if i create a domain account and restart the server and MS SQL services with the domain account, how is it going to effect the current web pages running on it?
Any help will be greatly appreciated.
Thanks
Sql Server Services Account Password Change.
Sep 21, 2000A former Network Manager setup the Sql Server Services NT Domain account. I need the password to set it up on our MS Exchange server, should I change the password or create a new domain account.
How can I find out if there is no other applications using the service account in our domain, since the new Network manager doesn't know the password.
What happens if I change the password.
How Many People Can Login To SQL Server With The Same User Account?
Mar 8, 1999I'm developing a client-server application using Visual Basic and SQL Server
6.5 for 700 users. The application currently requires users to login to the
database using their network account (via trusted connections). Each of the
users takes up a maximum of 6 connections. Unfortunately, other
considerations will force us to discard use of trusted connections. So it
only leaves us either to create 700 user accounts on SQL Server separately
from their network logins or to create one SQL Server account and everybody
uses that same account to login to the database. For political reasons, the
customer would prefer not to ask their support group to maintain 700 user
accounts on SQL Server if it can be avoided.
My question: is there any technical limitation or other negative consequence
of having 700 users login to the same account to SQL Server if SQL Server
can handle that many connections (it would be 6*700 = 4200 connections)
simultaneously? Are we supposed to do things like this? It seems that we
don’t have better choice than this.
SQL Server 2008 :: Must Setup Be Run With A Domain Account?
Nov 6, 2015I am running a SQL 2008r2 install while logged onto the server with a local admin account, not a domain account. I am specifying a domain account to run the SQL service. The install fails saying the service account credentials are invalid but I am 99.9% sure they are right.My theory - the local admin account running Setup cannot validate the service account creds against AD. Is it a requirement to run Setup while logged on with a domain account?
View 4 Replies View RelatedHow To Use Sql Server In Limited Window User Account
Oct 16, 2006Ankush Jain writes "I m using Sql Server 2000 in Windoes XP (SP2) with Limited Window Account.
I m new to Sql Server.Please You can tell me how to create database.
When i expand the console root in Enterprise Manager it will show an error : "A connection could not be established to Local""
System Account For MSSQLSERVER Service In SQL Server 6.5
Jul 20, 2005Hi,I changed the login for MSSQLSERVER service for 6.5 box to "Thisaccount" from "system account" and then again changed back to "systemaccount". Now I cann't connect thru Enterprize Manager to my server.All my services r running and I can connect to my database thru anapplication as before. I cannot re-boot the machine as it is inproduction. Any thoughts?Thanks in advance.Subodh
View 1 Replies View RelatedSQL Server Browser Service - Account Priviliges
Sep 6, 2007I read an MSDN article that states the following.
SQL Server Browser listens on a UDP port and accepts unauthenticated requests using SQL Server Resolution Protocol (SSRP). SQL Server Browser should be run in the security context of a low-privileged user to minimize exposure to a malicious attack. By default, SQL Server Browser starts using the Local System account. The logon account can be changed by using the Windows Services program. The minimum user rights for SQL Server Browser are as follows:
* Deny access to this computer from the network.
* Deny logon locally.
* Deny logon as a batch job.
* Deny logon through Terminal Services.
* Log on as a service.
* Read and write the SQL Server registry keys related to network communication (ports and pipes).
In our case the SQL Server Browser service is running under the same Windows account as our other SQL Server services. Do you recommend creating a separate Windows account for the SQL Server Browser service as described above?
Can you help me understand how an attack can occur?
Thanks, Dave