SQL Server Admin 2014 :: Deny Access To AD Login For Certain Period Of Time
Apr 23, 2015
SQL server job or SP to deny access to an AD login for certain period of time to SQL server instance...i.e. to deny access to login ADxyz from 12 PM to 10 PM and revoke access to same login at 10:01 PM...
View 3 Replies
ADVERTISEMENT
Aug 27, 2015
I want to set up a database role so that users can use sp_readerrorlog through SSMS. It does a check on membership in the securityadmin role.
I have tested it and can see you can grant execute on xp_readerrorlog but the SSMS GUI uses sp_readerrorlog.
I thought I could create a user/certificate and add the signature to sp_readerrorlog but it's not permitted (likely because it's not a normal database object).
So the other solution is to add the users to the securityadmin role but then explicitly deny alter any login (best done with a custom server role in 2012+ but otherwise just manually in 2008). I tested this out and it works, I'm not able to alter any logins or increase my own permissions, I also did a check of what's reported from fn_my_permissions(null, null) and it shows minimal permissions like I'd expect.
View 0 Replies
View Related
Feb 8, 2015
How to delete the job history for particular runs.
Suppose if a job run 3 times/day. I want to keep the oldest information and delete the recent 2 runs history.
View 5 Replies
View Related
Feb 4, 2015
How can we deny an Object select Permission which have Sysadmin role.
View 2 Replies
View Related
Nov 20, 2014
Is there any way I can deny connection from SSMS only from remote servers?
View 7 Replies
View Related
Jul 28, 2014
I am currently running SQL 2014 in my production environment. Both machines are configured for Windows Failover Cluster Services so that we could take advantage of AlwaysOn Availability Groups.
Currently we are experiencing a issue where our web application is throwing an error, "Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding." I am pretty sure that the error is being thrown from the application, but I can't prove it. Because the error states it is SQL, the consensus seems to be that SQL is having the issue. I need to know how to troubleshoot it to ensure that SQL is not the problem.
View 9 Replies
View Related
Sep 1, 2015
I am planning to delete a login from SQL logins because he moved out from project .when i try to delete the login , it throws an error saying " The server principal owns an endpoint and cannot be dropped , error 15141 "
Same problem facing on different servers.
Note : Environment is SQL 2012,SQL 2008 including cluster servers .
View 2 Replies
View Related
Oct 6, 2014
I've migrated a server with SQL Server 2008R2 and Reporting services into a new box with SQL Server 2014, but forgot to change the timezone to the correct one. I've changed it later, but it seems like the reports are running by the old default timezone. The schedule says that the report should run at 6:30am, but the Last Run column shows 8:30 PM.
I need to fix it without manually updating each subscription with some date/time conversion.
View 1 Replies
View Related
Apr 7, 2015
I have this query
SELECT top 100 Ltrim([text]),objectid,total_rows,total_logical_reads , execution_count
FROM sys.dm_exec_query_stats AS a
CROSS APPLY sys.dm_exec_sql_text(a.sql_handle) AS b
where last_execution_time >= '2015-04-07 10:01:01.01'
ORDER BY execution_count DESC
But the result of execution count is from the first. I want to know it only one day.
View 9 Replies
View Related
Jul 27, 2015
Is there any single TSQL query which provides below info.When did my AlwaysOn Availability group failed over and from which node it failed to which new node(i.e. replica)?
View 3 Replies
View Related
Oct 20, 2015
I've used some info on here to generate random dates within a given range and also random times - independently they work fine, but I can't seem to join them into a single field of datetime. I'm not sure why. The following snippet works fine as two independent fields:
select CAST(CAST(ABS(CHECKSUM(NEWID()))%(780)+(33968) AS DATETIME) as DATE) as theDate,
CAST(CAST(DATEADD(milliSECOND,ABS(CHECKSUM(NEWID()))%86400000 ,'00:00') AS TIME) as varchar(50)) as theTimeBut when I try to make it a single datetime field:
select CAST(cast(cast(CAST(ABS(CHECKSUM(NEWID()))%(780)+(33968) AS DATETIME) as date) as varchar(50)) + ' ' + cast(CAST(CAST(DATEADD(milliSECOND,ABS(CHECKSUM(NEWID()))%86400000 ,'00:00') AS TIME) as varchar(50)) as varchar(50)) as datetime)
Which returns with: Conversion failed when converting date and/or time from character string.
So what I am really looking for is a way to join those two values into a single datetime field... Or failing that that how to generate random dates within a range including random times...
View 9 Replies
View Related
Oct 29, 2015
This store procedure will get some executable queries from the select statement, the cursor will fetch each rows to execute the query and insert the queries into table_3 to mark as 'E'. Until 17:00, this store procedure will stop execute the queries and just get the queries from select statement insert into table_3 to mark as 'C'.
I don't know why the outputs in table_3 are quiet different than I think. This store procedure comes out with two exactly same queries and one marked as C and another marked as E.
CREATE PROCEDURE procedure1
AS
DECLARE cursor_1 CURSOR FOR
SELECT
'This is a executable query'
FROM table_1
DECLARE @table_2
DECLARE @stoptime DATETIME = NULL;
[Code] ....
View 8 Replies
View Related
Dec 3, 2013
We have applications connected to SQL using windows authentication. While having connection with Application user can also access to Database instance on the same time as well. We need to limit the access of user outside application.
View 6 Replies
View Related
Nov 24, 2014
How do I grant a specific access to a schema. I have a request to grant a ddl access to a schema called Business_Banking.
View 1 Replies
View Related
Jan 5, 2015
I have SQL Server 2014 (Enterprise) on Server A. The service runs under DomainAAdmin.
The Client machine is B, User credentials DomainBUser.
DomainBUser has a share on B that contains a BCP data file. DomainAAdmin has full access to this file.
If I log onto A (the server machine) with either DomainAAdmin or DomainBUser credentials, and run SQL Server Management Studio with Windows Authentication I can run BCP sucessfully using the following:
BULK INSERT [MyTable] from 'Bsharedatafle.tsv' WITH ( KEEPNULLS , KEEPIDENTITY ) However, if I log onto B, (the client machine and the machine hosting the share) and try to run the same bcp command, I get "Access is Denied".
View 5 Replies
View Related
Nov 25, 2014
On one of our SQL Server 2014 boxes each database has a copy-only full backup made every night, in addition to the maintenance plan schedule of a full backup weekly, daily differential backups and log backups.
When performing a PIT restore in SSMS the restore file list lists the most recent copy-only backup as the full backup to use, not the most recent plan full backup. I noticed that using SSMS 2008 to start a PIT restore on the 2014 box does not have this problem, and lists the correct restore file sequence (ignores the copy-only backups).
View 9 Replies
View Related
Jul 6, 2015
I try to connect from a pc to a SQL Server on another pc. Both pc’s are in a workgroup. I want to connect from a Windows Forms application to a named instance on the other computer. By now I have been able to connect from one pc to SQL Server on the other with tcp:smurfin, 52782.
I want to be able to use servernameinstancename (instead of portnumber) to make a connection in a Windows Forms application.
I’ve checked / tried te following:
•In the properties of the instance, tab Connections, the option Allow Remote Connections is enabled
•In Configuration Manager: TCP is enabled
•The service SQL Server Browser is started
•On the tab IPAddresses, in the section IPAll, there is NO portnumber for TCP Port. And TCP Dynamic Ports has the nummer 52782
•I have created un inbound rule for port 52782 and also for 1434 (SQL Server Browser). And to be on the save side: a rule for 1433 as well.
•Restarted the service
If I run the following code in SQL Server, that same port number (52782) is returned:
EXEC xp_ReadErrorLog 0, 1, N'Server is listening on', N'any', NULL, NULL, 'DESC'
GO
SELECT local_tcp_port
FROM sys.dm_exec_connections
WHERE session_id = @@SPID
[Code] ....
View 5 Replies
View Related
Aug 24, 2015
While running Sql 2014 upgrade advisor against a 2005 remote sql server. Below is the error im getting:
"Could not populate SQL Instances: System.Security.SecurityException: Requested registry access is not allowed"
Its able to connect SQL 2005 DB server and its also populating all the required Databases, but when i'm tring to click Run at the last step above error is coming. I even installed SQL 2012 upgrade advisor in my system and getting the same above error.
However if i use SQL 2008 upgrade advisor and connect to SQL 2005 server im not getting any error.The tool is generating successfully all the Pre and Post upgrade issues.
I'm running the tool with Run as administrator option. Is there any specific change i need to do in my system so that the tool runs successfully.
View 2 Replies
View Related
Sep 15, 2014
I have a user, who is trying log into the server, but everytime he gets this error saying something about the Group policy denies him access.
This user needs access and i'm trying to understand how to grant it to him.
I have been looking into how i can access the group policy editor, but the farthest i can get is the Local group policy editor. How do i make sure this specific user has access?
View 1 Replies
View Related
Oct 16, 2014
I'm trying to create a job that will copy a backup file from a mapped network drive to a local folder however it keeps failing due to a privilege.
The command is:
copy 10.10.10.5f$ est.nightly H:MSSQLBackup est.nightly
I can run the command successfully from the command prompt, however using the same command in a SQL Server job it fails with "Access is denied".
How do I configure the mapped network drive to allow the Sql Server Agent to get access to it?
View 1 Replies
View Related
Feb 24, 2015
My sa account can not see the tables in the db. but can connect to the server
View 2 Replies
View Related
Jul 23, 2005
I have an identical SQL database on two machines (my machine and a webserver) that links to a database on a third server (S3). When I executea stored procedure on my machine that accesses a database on S3, italways runs without a problem. However, when I run the same storedprocedure on the webserver (via Query Analyzer on my machine, connectedto the webserver), the stored procedure runs without a problem forabout ten minutes, and then I suddenly receive the error "Login failedfor user '(null)'. Reason: Not associated with a trusted SQL Serverconnection.". If I then connect remotely to the webserver via RemoteDesktop Connection and run the stored procedure there it works, andthen I can run it again on the webserver via Query Analyzer on mymachine, but the same problem will occur again after about ten minutes.The only difference between my machine and the webserver is that thewebserver is running Windows Server 2003, whereas my machine runsWindows XP. All settings in SQL on the two machines are identical, so Iwould love to know if anyone has a possible solution to this seeminglyrandom problem.
View 23 Replies
View Related
Dec 5, 2014
I've recently started working with a public sector organisation who have 4 clustered sql instances that has 80% of it's db mirrored.
Looking at the transaction log - it seems that a transaction log backup is a good idea as the log is 4x larger than the data file.But I'm not allowed access to the physical server to check onto which drive I can create the trn. No RDP, no vmware - let's be honest I'm not even allowed to launch cmd line Also the Server Manager informs me "We will need to carefully look at database backups if you guys want to start doing these backups on box, as that will break our off box backup routine (it will screw the transaction chain)."
I don't understand how backing up the transaction log could break the "transaction chain"?
View 9 Replies
View Related
Sep 15, 2015
I have 3 servers taking part in an AlwaysOn AG.
I want to grant a user READ access to only one replica, and certainly not to the principle.
How do I go about doing this?
View 4 Replies
View Related
Jul 16, 2015
We are upgrading from SQL 2008R2 to SQL2014 but we have discovered that a couple of our applications are not supported on 2014. We'd like to keep one 2008R2 server and one 2014 server until we have time to upgrade the applications and move everything to the new server. The problem is we have custom code in some of the 2014 databases that access tables in the 2008 databases.
I know we can easily do cross server joins by using a linked server, but it would be a huge undertaking to find all that code and add a linked server name in front of every table, stored procedure, etc. So my question is, is there any way to move a database to a different server and still be able to access it without having to qualify the object names with a linked server? Is there some kind of server/database synonym that can be setup that would be recognized by all databases?
View 8 Replies
View Related
Oct 1, 2014
I have a Windows Server 2012 R2 2 node cluster with SQL Server 2014 FCI installed. Data files are on a separate Windows Server 2012 R2 file server. Data files share has been permissioned to the SQL Server service and SQL Server Agent service accounts as Full Control. NTFS Permissions are Full Control.
When I try to attach a database
CREATE DATABASE AdventureWorksDW2012
ON (FILENAME = 'apricotmssql_VIOLETMSSQL12.MSSQLSERVERMSSQLDATAAdventureWorksDW2012_Data.mdf')
FOR ATTACHI get this error:
Msg 5120, Level 16, State 101, Line 4
Unable to open the physical file "apricotmssql_VIOLETMSSQL12.MSSQLSERVERMSSQLDATAAdventureWorksDW2012_Data.mdf". Operating system error 5: "5(Access is denied.)".
If I log into the file server (called APRICOT) and look at the NTFS permissions they all look good. I have also reapplied the NTFS permissions from the root folder down.
EDIT
If I log on to one of the nodes in the cluster as the SQL Server service account and navigate to apricotmssql_VIOLETMSSQL12.MSSQLSERVERMSSQLDATA and copy and paste the data file, it works fine.
EDIT2:
If I log on to the file server and Enable Inheritance at the root level, then Replace all child objects with inheritable permission entries from this object, I get this error:
User Account Control settings on all nodes and the file server are set to Never notify
View 0 Replies
View Related
Dec 23, 2014
is bulk logged recovery model support point in time recovery
View 9 Replies
View Related
Nov 2, 2007
We want to deny access to sql server 2005 database by the sql management studio or any other sql editor while our developed application can access the database even malicious user gets the login name and password by disassembling our code
View 1 Replies
View Related
Sep 6, 2007
We are using Win2k3 R2 with SQL 2000 in a domain environment.
Is it possible to create a domain group to grant admin level and user level access to SQL2000/2005 without giving users server admin or domain admin access?
It has always been my impression that to have admin access to SQL that you had to at least had admin level access on the server.
Any clarification would be greatly appreciated.
Thanks!
View 1 Replies
View Related
Jun 22, 2001
Is there a way to determine the last logon time for a given SQL Login?
View 1 Replies
View Related
Apr 26, 2015
Oracle and Teradata are able to capture the windows/client login that connects to their database with a functionnal ID.I've searched around and I don't think MS SQL can do this...I administer SQL 2014 server and also SAS Enterprise guide product. I've created sql server logins for several teams so everyone shares the same sql server login which is used to bind the SAS library to my SQL server database.
However, when looking at activity monitor, I can't drill down to which user is executing a particular query. I only see the SQL login which is share amongs 200 other folks.On the other hand, when they connect from SAS to Oracle or Teradata, I can see the shared login + additionally their windows NT login used to connect to SAS which is awesome....they can't fool me by using a shared/funcionnal ID....i still see who's using that ID...
View 2 Replies
View Related
Jun 11, 2015
Is there a way to keep track in real time on how long a stored procedure is running for? So what I want to do is fire off a trace in a stored procedure if that stored procedure is running for over like 5 minutes.
View 5 Replies
View Related
May 7, 2008
Hi All,
I would like to disable a user account from logging to the database. I would like to know the difference between deny connect to sql permission and disabling an account by alter login disable. Please advice. Thanks
View 1 Replies
View Related