SQL Security :: Did Not Create Any New Users And There Are No Other Users Listed In Accounts Section
Sep 28, 2015
I am trying to revert back to Windows 7 after upgrading to Windows 10, however it will not let me and the following message occurs: "Remove new accounts.Before you can go back to a previous version of Windows, you'll need to remove any user accounts you added after the most recent upgrade. The accounts need to be completely removed, including their profiles.You created one account (NT SERVICEMSSQLSERVER) Go to Settings> Accounts> Other users to remove these accounts and then try again".However I did not create any new users and there are no other users listed in the Accounts section.
Hi there NT Server,sqlserver 7.0, Integrated Security. I used "sp_attach_db" to attach a database to the sql server. The database has 3 standard roles with members in each of those roles. But i am not able to add a user to any of the roles through Enterprise Manager(No users are listed, except the other 2 roles). Also when i click "users" under the Database in EM, no users are listed except "dbo" with sa login. Luckily since some members are there in the roles, they are able to connect to the database. Also i am not able to add the user bcos the user exists in the public role and i get an error message "user already exists in DB". The user has logged into the NT and everything is fine. I copied the .mdf and .ldf files from a "Standard Security" Server.
We have an existing SSRS server, and have just created a new child domain. We'll be migrating users from the parent to the child, and want to add the users of that new domain with access to SSRS. In the parent domain they are able to access, but after migration with the child domain account, they cannot.
I have added the group CHILDDomain Users with a system user role on SSRS, and PARENTDomain Users was already there.
Is there any additional step I should/could take to get this active?
I have had this issue just pop up. I have local users who can connect fine, but my users that require connection by VPN cannot connect. I get the server not available or access denied error. I did confirm that the VPN'ers are connected to the network correctly and can see that their shares and mappings are correct. Any ideas? Thanking you all in advance!!
hi alli've got two tables called "webusers" (id, name, fk_country) and "countries" (id, name) at the meantime, i've a search-page where i can fill a form to search users. in the dropdown to select the country i included an option which is called "all countries". now the problem is: how can i make a stored procedure that makes a restriction to the fk_country depending on the submitted fk_country parameter?it should be something like SELECT * FROM webusers(if @fk_country > 0, which is the value for "all countries"){ WHERE fk_country = @fk_country} who has an idea how to solve this problem?
I have to give three users read access to a database. My manager told me to map them to a User called "zxDatabase.Read.ug". I scripted the User and got this...
I don't see a Login at the server level named zxDatabase.Read.ug, so this is confusing. Where is this login in SSMS?
How do I map my three users to user zxDatabase.Read.ug. Or am I not understanding correctly? Do I just add there windows login to the database as Users and configure them the same as zxDatabase.Read.ug
I have developed a site on my local machine utilizing the built-in security/roles provides by ASP.NET 2.0. I am trying to publish the web application to a production server. It will publish correctly, however the ASPNETDB is not recognized. The folder app_data is created with the proper database files. My question is how do I set this up to use the data I have created in this database? I've searched on how to accomplish this but haven't found any definitive answers. I have found ScottGu's blog to be useful, but I was wondering if there is a different way. 1 - Do I push the data to a SQL Server install via SQL scripts? 2 - Can I link to the ASPNETDB that is created locally on my machine? 3 - If I make changes to the application and re-publish, is there a way to keep from overwriting the ASPNETDB on the server? I am a unsure of how the built-in roles/security works when you are ready to push something to production. If someone wouldn't mind pointing me in the right direction, it would greatly be appreciated. Any literature, advice, links, etc.. would be great.
I have a linked server set up and working correctly. I can create a query to get all the users from active directory with something like this:
SELECT [name], [samaccountname] from OpenQuery( ADSI, 'SELECT name, samaccountname FROM ''LDAP://DC=domain,DC=com'' WHERE objectClass = ''user'' and objectCategory=''Person''')
Now I am trying to select all the users in a specifed security group, but I am not having much luck. What is the best way to get this?
Is there any way in which I could distinguish a group of Database users from the other users. Say for e.g. store the Database users hierarchically, etc. Adding a Prefix/Suffix to the user name as a distinguish-er will not work in my case. I want to restrict the deletion of these Database users. Even the login with sysadmin or serveradmin rights should not be able to DROP those Database users.
Hi, The Report Manager portal has many folders. For each folder there are specific users with different roles. I am trying to figure out the way to extract User, folder wise security data. I want to run a query and retrieve users name, the folders they have access to and the user role corresponding to that folder.
Use ReportServer
SELECT u.UserName, r.RoleName FROM users u, policyuserrole pur, roles r
WHERE pur.UserID=u.UserID AND pur.RoleID=r.RoleID The above query fetches all the users and their roles. The folder information corresponds to Path column of Catalog table. Am unable link this table with the above query. TIA
Is SQL Server sensitive to Domain group name? Like "Domain Admin"?
I have user that belong to "myDomainDomain Admin" group. Group is in SQL as sysadmin but user cannot login using domain credentials. When I move that user to a different domain group which that group is in SQL again as sysadmin my user is able to login.
I am able to deploy and run reports from my screen at work, but some non-developers cannot run them. They can see the reports, but get the following error message when they click on the report:
An error has occurred during report processing. (rsProcessingAborted)
Cannot create a connection to data source 'DataSource1'. (rsErrorOpeningConnection)
For more information about this error navigate to the report server on the local server machine, or enable remote errors -------------------------- -----
- I assume the preceding error has something to do with credentials. I am using Windows security authentication for this. One user has worked through this and is now getting cannot run report query (one of the report queries in the report). Help would be appreciated.
My developers would like a 'sandbox' database with full ddl and dml permissions, however, they do not want others to read/change/drop their objects. With SQL 2005, can DDL permissions be granted to a user at the schema level? I'd rather not set up a database for each developer.
we have an application which lets users connect to production database with windows credentials, They are able access the sql tables too with windows login. I want to restrict them from accessing the sql tables. How do I do that.?I tried a db_deny but that prevented them from accessing the application too.
I have a client who would like to access his database via SQL Server Management Studio. I created a login for him. This login has access only to his database on the server (I set this up using the user mapping), the Securables has Connect to SQL checked (otherwise he won't see his database). When I test this login, he is able to see all the other databases on the server, though when he clicks on the ones he doesn't have access to, it will tell him that he can't access that database. He can access his database alright. My question is, can I hide all the other databases from him, and only display that only database he has access to? I have tried many different ways, I can't seem to be able to do so.
we a re implementing a new HR system and the spec from the supplier says we need to create a SQL user account for each member of staff that is going to use the web interface to update their details (ie everyone in the company).
Luckily i am using VS.Net and can create the script really easily but i am wondering the best way to create the user account. Each one needs to be a datareader and a datawriter in the database. what is the SQL command for this please?
I seem to understand that GRANT is object based rather than for the whole database?
Even Sa account is in sysadmin role it is not able to create users usingenterprise managerAlso not able to create users from local admin who is alo on sysadmin roleBut using query analyzer we can create usersIs some thing wrong with master databaseSanjit
I am working on the security model for an application that will be used by 100s of users with a dedicated SQL 2005 database for this application and access via SQL XML Web Services.
The client has asked to make it "open" during alpha testing such that anyone can access the web services without having to set them up first. Is there a way to do this? The best I can figure is to use mixed mode security and hard code a login and password. Any method using Windows authentication would require that I add every user at a minimum to the database.
In production, all users will have an active directory role specified that determines if they should have access to the web services or not. However, it is my understanding that to use Windows authentication, I would still need to add each individual user at a minimum as a Login to the SQL Server, and under best practices also as database users with permissions granted to the endpoint.
Am I correct in the above, or is there a more efficient way to achieve these results?
Hello,In my web site I have 2 types of users: students and professors.All users need to login but the personal information for each user type has different fields.So I create 3 tables: professors, students and authentication,"professors" will have all the personal data from professors."students" will have all the personal data from students.authentication will have the username and password from all users.How can i link authentication table to both professors and students tables so when the user logins i get the data from that user, either a professor or student?And is the right way to do this?I am using SQL 2005 and Asp.Net 2.0Thanks,Miguel
I know this may sound stupid but I really can't figure out how to do it. I just keep going around in cricles.
I need to create six table under three different users. so I would have users1 owning tableA and tableB. Then I would have users2 owning another copy of tableA and tableB. same for users3.
But I just can't find a way of doing it, I am using enterprise manager. Please help, Ed
I created and successfully tested a trigger on a test database. Now that Iwant to put this on a production system, the create trigger statement takesway too long to complete. I cancelled after a few minutes. The testtrigger took just a second to create. The test and production databases areidentical in design. Only difference is that there are users in theproduction system.Any ideas?Thanks
I need to be able to set up a table listing users permissions, this needs to be run daily and then notify me of any changes without using the auditing or profiler software.
There's something I can't quite figure out about user creating
The application that I'm currently working on is interacting with DB, therefore every time you use application you need to login as user which is fine. The problem is that certain users should be able to create new users and the new user may even have the same level of permissions as the one that's creating it ( like admin creating another admin acount or some like that).
Question is how can I allow users to create these user with giving them as few permissions as possible.
If there's is somewhere a code sample on the net I would appreciate the link.
Our company has 2 Database Roles (DBE and DBA). The DBE creates database schema, performs SQL Server Administration, and manages server security. The DBA writes data access, ETL, and manages database security. In 2005, we're struggling with how to allow the DBA to see all of the logins on the server in order to add them as users of their database. What permissions does the DBA need to select from any of the logins on the server to add them to their database?
