SQL Server Admin 2014 :: How To Setup Open Querying Of Active Directory
Mar 9, 2015
I am trying to setup querying Active directory from sql for the first time.
We are running on windows server 2012 and using sql 11.0.2100.60. Have tried the following
sql is on sever dev
AD is on sever DO
EXEC sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5',
'ADSDSOObject', 'adsdatasource'
GO
[Code] ....
I get the following error when I try and query
Msg 7321, Level 16, State 2, Line 2
An error occurred while preparing the query "SELECT name
FROM 'LDAP:// xxxx.internal'
WHERE objectCategory='Person' AND
objectClass = 'contact'" for execution against OLE DB provider "ADSDSOObject" for linked server "ADSI".
View 1 Replies
ADVERTISEMENT
Apr 24, 2015
I have more than 3000 Active Directory Users, I have created Role Level Security on one table by using Suser_name(), Now all the active directory users need to connect sql server and access the database role object. How can I achieve that without Using .net?
I am able to add all active directory users to sql server in one go, but I am also trying to achieve same time to map with database role as well? Is it possible ?
View 2 Replies
View Related
Feb 11, 2015
I am running into a weird issue with a new SQL Reporting Services 2014 server I built. I installed SQL Reporting 2014 on Windows Server 2012 R2 and configured Kerberos, but the site is extremely slow. After some reconfiguration and log captures I have determined the issue has to do with the Kerberos setup, however I am running a similar configuration with SQL Reporting Services 2008 on Windows Server 2008 R2 and do not run into the same errors.
The error I see while using Wireshark is KRB Error: KRB5KDC_ERR_BADOPTION NT Status: STATUS_NO_MATCH. When I drill down the into the error I can see the kerberos string is testprjmnmtreports14.company.com, which is the URL we are using to access the site. I made sure to add that name as an SPN for the service account that is running SQL Reporting Services, however I still receive the error.
Then I tried configuring the site to run without a hostheader, so I accessed the site with the server name, ECTSTSQLRS5, and the site works perfectly fine, no errors are reported either. So it seems I have isolated the issue down to Kerberos but I am not sure how to resolve it. Here is some more information about my environment:
DNS/URL used: testprjmnmtreports14.company.com
Server Name (FQDN): ECTSTSQLRS5.company.int
AD Domain Name: company.int
Server Version: Windows Server 2012 R2
AD Functional Level: 2008 R2
As you can see I am trying to use a .com address but my AD domain is .int which I think is the issue, but I do not have the same problem on my other server that is running Windows Server 2008 R2. What do I need to do to allow my new site on 2012 R2 to work with this DNS Alias?
View 0 Replies
View Related
Jul 1, 2005
Any idea on how to query active directory to find out list of groups nad users etc..using sql server?
View 6 Replies
View Related
Sep 11, 2007
Does anyone know of any good references (books or web sites) that provide examples of querying AD from SQL Server? I have the database link setup and have done two very simple queries against AD but I would like to see more in-depth examples.
Thanks.
View 1 Replies
View Related
Apr 6, 2007
Has anyone used this successfully from an OLEDB source component, or even from the Execute SQL Task? I've seen some examples of using a script component, but nothing that uses it through a connection manager.
View 6 Replies
View Related
Jul 20, 2005
Hello --I'm trying to get SQL Server 2000 on a Windows 2000 Server to be ableto query an Active Directory. We've got two domain servers one Win2000and one Win2003. However, I'm having problems:I've run the following query to setup the linked server:sp_addlinkedserver 'ADSI', 'Active Directory Service Interfaces','ADSDSOObject', 'adsdatasource'Using Enterprise Manager I've changed the login details for the ADSIlinked server to:Be made using the following security context:Username: MyDomainAdministratorPassword: ****I've then tried to run the following query in Query Analyzer:SELECT * FROMOpenQuery(ADSI,'<LDAP://CN=Users,DC=MyDomain,DC=com>;(&(objectCategory=Person)(objectClass=User));name,ad spath')But get the following error message:Could not execute query against OLE DB provider 'ADSDSOObject'.Does anyone have any ideas on what this message means or how to getthis working?Thanks--James Allanjames [at] allan-home.co.uk
View 2 Replies
View Related
Mar 3, 2015
Is there anyway,can we find the list of servers by querying at active directory?
View 3 Replies
View Related
Nov 19, 2007
Can someone please tell me or provide a link explaining how I can query the active directory for
usernames from sql server 2005. I'm actually creating usernames on the fly and I need to check if they already exist in the active directory. Thanks.
View 3 Replies
View Related
Jan 8, 2008
Need help understanding error message from CLR:
I encapsulated calls to Active Directory in a dll. This dll works very well for a call or a few calls. However when I wrote a winapp that calls many times repeatedly to this dll and consequently to DirectorySearcher, I recieve the following message after many iterations have been made: (while debugging, or in release mode same problem occurs)
Managed Debugging Assistant 'ContextSwitchDeadlock' has detected a problem in 'D:DevProjectsADQuerySysRegLoadPersGrpsSRLoadPersGrpsSRLoadPersGrps�inReleaseSRLoadPersGrps.vshost.exe'.
Additional Information: The CLR has been unable to transition from COM context 0x1a0998 to COM context 0x1a0b08 for 60 seconds. The thread that owns the destination context/apartment is most likely either doing a non pumping wait or processing a very long running operation without pumping Windows messages. This situation generally has a negative performance impact and may even lead to the application becoming non responsive or memory usage accumulating continually over time. To avoid this problem, all single threaded apartment (STA) threads should use pumping wait primitives (such as CoWaitForMultipleHandles) and routinely pump messages during long running operations.
Continue & breakAll after the above error thrown caused this system error code to be generated: H80131c25
Here's one of the subs in the dll that is causing the problem. After multiple calls to the directorySearcher, one or another call fails with the above error. (on the FindOne method here, but on the .GetDirectoryEntry method in another sub, random which one fails, it's the number of iterations that is the problem) Question I have is: Is the only way to stop this error to reduce or slow down the calls to DirectorySearcher?
Private Sub GetGroupName(ByVal GroupName As String, ByRef strDistinguishedName As String, ByRef strMsg As String)
Dim strFilter As String
Dim entry As DirectoryEntry
Try
strFilter = "(&(objectClass=group)(cn=" + GroupName + "))"
Dim myArr() As String = {"distinguishedName"}
Dim mysearchroot As DirectoryEntry = New DirectoryEntry(myLDAPPath)
Dim myDirectorySearcher As New DirectorySearcher(mysearchroot, strFilter, myArr, SearchScope.Subtree)
Dim mySearchResult As SearchResult = myDirectorySearcher.FindOne
If mySearchResult Is Nothing Then
Throw New Exception("Get Group Name: No groups by name: " & GroupName)
End If
entry = mySearchResult.GetDirectoryEntry()
strDistinguishedName = entry.Properties.Item("distinguishedName").Value.ToString
'cleanup
entry = Nothing
mySearchResult = Nothing
myDirectorySearcher.Dispose()
mySearchResult = Nothing
Catch e As Exception
strMsg = "Failed to Get Distinguished Group Name for: " + GroupName + " " + e.Message
strDistinguishedName = ""
End Try
End Sub
View 4 Replies
View Related
Jul 27, 2007
Hi
I have been trying for quiet few days to retrive members of a domain group without providing access to that group to SQL Server. I dont have any kind of access to active directory. If I provide access to that group to SQL Server, I can use xp_logininfo to retrive members of the domain group. When I check the xp_logininfo system stored procedure it is using OPENROWSET function without providing any connection strings. I have tried the same but getting the below error:
Server: Msg 156, Level 15, State 17, Line 1
Incorrect syntax near the keyword 'OPENROWSET'.
Can any help me out please..... TIA.
View 4 Replies
View Related
Jun 19, 2015
I am setting up extended events more or less just fine, however I am a bit confused as to how to read and load them into a table for querying. In particular the offset part - is there a way to load just a given dates worth in?
I've got the files configured to be 20MB before rolling over, the XE is running all the time.
So if i load in the full file now, say that covers 2.5 days worth, when I load it again tomorrow to get the updated data I'm also reloading today, which is a waste?
I presume I am going about this wrong, but lack an example that really goes into detail of practicalities of loading this data.
View 0 Replies
View Related
Nov 4, 2015
We have a SQL 2014 active passive cluster with 5 instances. When the cluster was installed one of the nodes was a virtual machine. As we started to have problems and this is not a Microsoft supported configuration we decided to replace the virtual node with a phyiscal one. On 3 of these 5 instances we configured static ports (1433 TCP) this was required for applications and firewall implementation.
Now with the physical node joined to the cluster we have issues with these three instances. Whenever one of these instances is moved to the passive node the server authentication is changed from mixed to windows only. I'm no SQL expert at all but to me it looks like the configuration of the instances are not replicated to the passive node? I found some similar problems on the net but these are mostly under sql 2008.
View 4 Replies
View Related
Dec 9, 2014
we have roughly 22 people connected to one database. But after a while, their applications begin to drag due to in and out communication with the server. When i check the active connections on the sql server, some times i see 157 active connections, please how to i set a timeout or connection interval close, so as reduce the heavy load being put on the server. Or how can i automatically close connections when they get higher than 50 connections.
This settings should be sql server 2008 related.
View 5 Replies
View Related
Nov 25, 2014
I want two write a small script to determine which is the currently active (primary) server in the AG.
Right now, I see that using SELECT * FROM SYS.dm_hadr_availability_replica_states I can determine the role. However, when the server goes down and switches to the secondary node, I don't believe that the role changes (or does it?). How do I determine which is the active node?
View 9 Replies
View Related
Aug 10, 2015
I have been facing following Error in Failover cluster setup as below. I have prepared 2 node and 2 instance sql server failover cluster on top of windows failover.I have deleted MTCBJINS07 in AD and recreated even after, problem is not solved. MTCBJINS07 is my 2nd sql instance sql server network name.
Cluster network name resource 'SQL Network Name (MTCBJINS07)' failed registration of one or more associated DNS name(s) for the following reason:
DNS bad key.Ensure that the network adapters associated with dependent IP address resources are configured with at least one accessible DNS server.
View 2 Replies
View Related
Jan 23, 2015
I'm using SQL accounting software now and i have a problem with my designer report. When i using designer report to design my customer statement of account, after i save the new design, i haven't rename it for the new statement report so the name there empty and i exit the designer report. So when i re-open the designer report, suddenly pop out "field value required". What should i do...? How can i re-open the designer report again?
View 1 Replies
View Related
Apr 30, 2015
I recently installed standalone version of SQL 2014 Standard on my work computer. I used Access before but I want to use a SQL server instead.
We have a shared drive that a file gets deposited every day at midnight. I want to be able to get this file and import it to the server (its basically a list of names).
Here what I have done so far:
I created the database
Created the file and successfully imported data into it using the Import Data feature.
I saved the SSIS package
Scheduled an Agent Job for this package to run at certain time,daily
At first the jobs would fail with a Access is Denied. I added a user under Credentials with my network account ( have admin rights on the work computer).Also added a Proxy for the Credential user I made.
Jobs fail with a “Cannot open data file” error. I tried changing things here and there, but I can’t get it to work.
View 9 Replies
View Related
Apr 8, 2015
My company is migrating all their servers to a new data center and I get to specify what we need for the db servers.
We've got a 22 prod servers (mainly physical) with a couple of TB of data on sql 2000 to 2012.
We expect to move to sql2014, and consolidate and virtualise where ever possible.
But I'd like start with specifying an overall architecture for this: some Best Practices to guide the build at a server and an installation level
View 1 Replies
View Related
Mar 31, 2015
I set up the collector, and specify the Run As as my AD account in the Collector Set - Properties - General screen. My AD account is the local admin of the remote server.
However, the collector does not seem to work. Although the collecting set is shown as running, the The blg file stays at 64K. If I open it, there is nothing inside (no counter at the bottom). What did I miss?
View 1 Replies
View Related
Jun 6, 2004
Hello,
I have recently upgraded my the server that runs SQL Server to an Active Directory Domain Controler. Now I can't connect to the SQL Server from ASP.NET Applications when the application is not located on the local machine. The error message I get is SQL Server does not exist or access is denied.
I have no problems connecting with QueryAnalyer and Enterprise Manager from my workstation. I have added the Sql Server to the directory via the "Active Directory"-tab in the Property window for my Sql Server Registration i Enterprise Manager.
If I copy a directory from the wwwroot on my workstation to the server the application has no problem to connect so the connectionstring seams to work fine.
Any ideas?
Regards,
Kalle
View 1 Replies
View Related
Aug 27, 2015
I want to set up a database role so that users can use sp_readerrorlog through SSMS. It does a check on membership in the securityadmin role.
I have tested it and can see you can grant execute on xp_readerrorlog but the SSMS GUI uses sp_readerrorlog.
I thought I could create a user/certificate and add the signature to sp_readerrorlog but it's not permitted (likely because it's not a normal database object).
So the other solution is to add the users to the securityadmin role but then explicitly deny alter any login (best done with a custom server role in 2012+ but otherwise just manually in 2008). I tested this out and it works, I'm not able to alter any logins or increase my own permissions, I also did a check of what's reported from fn_my_permissions(null, null) and it shows minimal permissions like I'd expect.
View 0 Replies
View Related
Jun 5, 2007
I look for and try to get data from Active Directory to MSSQL Server, but have same error:
Msg 7321, Level 16, State 2, Line 1
An error occurred while preparing the query "SELECT name
FROM 'LDAP://office.experter.group'
WHERE objectCategory = 'Person' AND objectClass = 'user'" for execution against OLE DB provider "ADsDSOObject" for linked server "ADSI".
for the code:
select * from openquery
(
ADSI,'SELECT name
FROM ''LDAP://office.experter.group''
WHERE objectCategory = ''Person'' AND objectClass = ''user'''
)
I create linked server:
EXEC master.dbo.sp_addlinkedserver @server = N'ADSI',
@srvproduct=N'Active Directory Services', @provider=N'ADsDSOObject',
@datasrc=N'office.experter.group'
I've changed security setting, format of LDAP. Please advise me
View 2 Replies
View Related
Nov 17, 2006
It's me again guys. First let me say that I truly appreciate the knowledge that I see on this forum. Now on to my question.
How can I use SQL Server to import the active accounts from our Exchange Server? Thanks.
Everything I know I learned from the web.
View 7 Replies
View Related
Nov 1, 2007
Sometimes a user name will change in Active Directory and I have to change the name in SQL Server as well. So what I do is first delete the old user name from SQL Server's logins. However I wont be able to see the new user name in SQL Server to add it as a legit user until I roboot the server. Is there somekind of code I can execute to resynchronize with Active Directory again?
View 5 Replies
View Related
Mar 14, 2007
Here is what I tried to do:
exec sp_ActiveDirectory_SCP @Action = N'create'
error message output:
The service cannot be started, either becuase it is diabled or because it has no enabled devices associated with it.
Msg 22039, Level 16, State 1, Line 0
xpadsi90.exe failed.
How do I get around this problem?
I have SQL server 2005 + sp2.
Thanks,
Bobby
View 5 Replies
View Related
May 28, 2004
I want to create a view in SQL populated with users from our Active Directory. I have learnt that this can be done using linked server. I have tried using the following:
sp_addlinkedserver 'ADSI', 'Active Directory Services 2.5', 'ADSDSOObject', 'adsdatasource'
go
sp_addlinkedsrvlogin @rmtsrvname = 'ADSI', @useself = 'false', @locallogin = 'sa', @rmtuser = 'lok_applications', @rmtpassword = '9dfFfG374GoiAo6yxxc8oZ'
SELECT *
FROM OpenQuery( ADSI,
'SELECT * FROM "LDAP://194.22.1.18/DC=lok,DC=net"')
I keep getting this error no matter what I try:
An error occurred while preparing a query for execution against OLE DB provider 'ADSDSOObject'.
OLE DB error trace [OLE/DB Provider 'ADSDSOObject' ICommandPrepare::Prepare returned 0x80040e14].
Any ideas why??
View 5 Replies
View Related
Nov 3, 2004
I was wondering how exactly one can search the Active Directory with SQL Server 2000. There is all kind of stuff on the Internet about how to connect them and how useful it is to connect them together - plus how you can use Active Directory to query SQL Server, but I`ve never encountered any article where they explain how SQL Server can search the Active Directory.
I`m thinking about how one has their user-database in Active Directory with all users in groups, but only uses groups in SQL Server. How exactly can SQL Server figure out how a user belongs to a group?
Does Active Directory tell SQL Server about that when the user tries to access something from SQL Server, or does SQL Server already knows which group is accessing it as soon as the user authenticates in Active Directory?
View 7 Replies
View Related
Nov 24, 2004
Hi,
I am new to Microsoft Technologies, can any one say how to connect/ retrieve data's from Active Directory through SQL SERVER from scratch. I need with some sample codes.....
Thanks in advance
raj d.s
View 1 Replies
View Related
May 9, 2007
Hi,
Couple questions regarding SQL Server Active Directory Helper service:
a)What is its purpose?
b)Where can I get more detailed information about this service and
SQL Server 2005 services in general?
c)How can the following error during start up phase of this service
be avoided?
Error Message:
'0' is an invalid number of start up parameters. This service takes two start up parameters.
FYI: SQL Server 2005 is run on Windows XP professional.
Thanks,
Mike
View 2 Replies
View Related
Jul 20, 2005
Hello All,I have a linked ADSI Server to our company Active Directory andeverything is fine. I'm running queries and such using LDAP. BUT howcan I aquire a list of attributes for the classes and categories. Suchas if i wanted to see a user's telephone number and email address foruse in a corporate database? Is this possible?Thanks
View 4 Replies
View Related
Aug 12, 2015
I have a SQL 2008 running on a server that is not part of an Active Directory Domain. I would like to add the server to Active Directory. How will this impact SQL in terms of the SQL users, Windows Authentication, and permissions?
View 2 Replies
View Related
Mar 19, 2008
Hi all,
just want to confirm this:
We have a department and want to grant them access to various databases on a sql server 2000 instance. Can we create an AD group for these users and just add the group as a login to SQL Server? Or do we have to create a db user for each member of the group and map the logins one by one?
Thanks
View 1 Replies
View Related
