I have recently published a report to SRS. I created a new service account and assigned that account the "Browser" role for the report that I wanted the service account to access. However, upon connecting to the SRS URL with the new service account, I am unable to view any reports. I then added the "view" and even the "Content Manager" role, and I still could not see the reports. I made the service account an admin on the box and I could see the necessary reports. Is there a local group that I need to place user accounts that I want to be able to access the reports I publish to the srs url?
The DBA at our location is demanding local admin (windows) right's to the box so he can function. Right now when he logs in i have given him right's to the inetpub directory, sql directory, i have set him as a sysadmin on sql2005 and gone into the http:\localhost eports and set him up as a system manager and under site priveledges set him as a sys admin. When he tries to login and configure the report server he gets the following error:
Title-Reporting services configuration manager
Error-There was an error refreshing the UI. bla bla bla
A WMI error has occurred and no additional error information is availiable
Title-Reporting services configuration manager
Error-There was an error while switching panels. The most likely cause is an error retrieving WMI properties. bla bla bla
A WMI error has occurred and no additional error information is availiable
then when he's in sql server 2005 surface area configuation
Title-Surface Area Configuration
Error-Access denied (system.management)
Is there any documentation or anythign anyone can tell me that i can do to give this DBA full access to configure and admin the SQL portion of his system without giving him admin rights to the OS???
Please help!!
Thanks for any time anyone has taken to review this thread!!
We moved a development reporting services database to a new server last night and followed the MS 'Moving a Report Server Database to another computer' directions. We used the Reporting Services Config tool to make the changes, remoted into the 2003 windows server - which is running sql Enterprise reporting and connecting to a 2005 Enterprise cluster.
We had two small problems - although everything seems to be working fine. The First try seemed to be unsuccessful because we did have the service started after applying the database connection changes. The directions don't mention starting the service before you hit apply. The second time we got an error that said "Create Grant Rights Script - The Task Failed". We entered a sql login that was a sysAdmin during the setup.
The exception details started off with: System.UnauthorizedAccessException: Access is denied
If the rest of this error is needed I can type it out...I was sent a screen shot of it! Thanks for any help - we are moving production soon and I'd like to understand what went wrong. Thanks Sam
Hello, I need to create a sp that allows a user(not sa) to reset passwords using sp_password. The part that I'm stuck on is how to login within the proc so that the user(not sa) can exec the sp_password as sa without having to give the user sa rights. I don't mind hard coding the sa password with the proc but I can not give sa password to the users. Do I need to somehow alter sp_password for this to work?
Need to give a user permission to add logins and users to a database. Have tries to alias the user to DBO but it doesnt work. Is there a way to do it other than reassigning DBO permissions to the user.
Is there a way in SQL server to grant "SA" rights to non-SA users for certain commands.
I know there's a way to do this in Sybase by creating a password protected role and then activating it within a stored procedure.
Thus, the specific right is only active for the brief duration of the stored procedure - which runs the particular command to be granted. The role is de-activated at the end of the stored procedure.
I have a basic question regarding rights. What level of rights do Ihave to have to grant another user update rights? I don't want togive everyone owner rights. Can a person with update rights grantanother person update rights?Thanks.
Hi everybody, The below I posted on SQL 2000 Forum about a week ago. Any new thoughts................ I would like to get an input from as many people as possible on the following: In our organization DBA is responsible for 5 servers ( currently NT 4/SQL 7)and is a part of group of a 5 people including manager and 3 developers. DBA currently has a FULL access to every server. In a few months we will be replacing the existing system with Windows 2000/SQL 2000. LAN group will give to DBA only a read rights for the Windows 2000 environment, saying that the AUDITORS, both internal and external, require that. In other words, if DBA needs to run a command prompt, move files from one directory to another in Production environment, he has to fill the request to LAN, so LAN group would do that. So I guess the main question(s) is: What is the degree of involmment of DBA with Operating system? Is DBA suppose to be an NT administrator ( I dont think so, since DBA has a lot of other thing to do? If DBA accidently makes an unwanted changes to the Operating System, who should be blamed for ( not personally, but in more general terms) and would it be an extra argument to take write rights away from a DBA? What auditors saying about that? Thanks a lot in advance, Andrei
I have a user that is requesting sa rights on a test server. I prefer to give him aliased dbo rights. What is the difference between the two?? What can he not do with dbo that he could with sa??
hi, I am having a database in sql server 7.0. it has a web front end database. how can I grant access to the tables. do I create a guest logins in the security folder, then in the database user tab, I give access as read,write. Or there is another way to do it.
Hi, I have public and dbo rights on a sp. I am trying to call this sp thru a EntityBean(Java). But I am getting an error. Can anyone tell me what all rights do I need to execute this stored proc.? TIA. Jay
I have a user that should only have the rights to view the jobs and database properties within Enterprise Manager. I am not sure how to do that. Can you please help? Thanks.
I've restored the dev db from the prod backup which overwrote the users and their rights in dev db. Is there any way that I can find out what those rights were? I have the list of users in dev db but not their rights . Thanks.
They are not responsible for the server, user accounts, software updates of any kind or odbc configurations. This is controlled by the LANWAN server support group.
With the assigned SYSADMIN role, service account as local administrator, they have NTFS permissions the the DATAApplication partition and rights to stop and start all related services to SQL.
They can also access event viewer, performance monitor and other MMC snap-ins as read only.
I remember seeing a document on this site a couple of years ago that explained reasons why a DBA needs sa access rights. I can go into BOL and generate a list of things you can only do with sa rights. However the article I am looking for was well written, much better than I could do.
My infrastructure team has decided that the DBA's and Sr. Developers will not have sa access rights. All schema changes, stored proc creation, view creation, database backups, maintenance plans, etc will go through their server engineers. They do not understand what they are getting into.
Does anyone have a nice document that would aid me in my efforts to convince the Infrastructure group to change their "new" policy?
Hi everybody, I would like to get an input from as many people as possible on the following: In our organization DBA is responsible for 5 servers ( currently NT 4/SQL 7)and is a part of group of a 5 people including manager and 3 developers. DBA currently has a FULL access to every server. In a few months we will be replacing the existing system with Windows 2000/SQL 2000. LAN group will give to DBA only a read rights for the Windows 2000 environment, saying that the AUDITORS, both internal and external, require that. In other words, if DBA needs to run a command prompt, move files from one directory to another in Production environment, he has to fill the request to LAN, so LAN group would do that. So I guess the main question(s) is: What is the degree of involmment of DBA with Operating system? Is DBA suppose to be an NT administrator ( I dont think so, since DBA has a lot of other thing to do? If DBA accidently makes an unwanted changes to the Operating System, who should be blamed for ( not personally, but in more general terms) and would it be an extra argument to take write rights away from a DBA? What auditors saying about that? Thanks a lot in advance, Andrei
How do I text base add my domain users group with full rights to my database. I am using teratrax to manage my database. This is what comes up when I click on new database user
-- Replace all lower case words with your own code.
If I connect with SQL Management Studio to a server I cannot open or change SQL Agent jobs. (I can see them, but if I ask properties it opens a new job window).
At home I have no problem managing jobs.
I also cannot stop or start the SQL Agent.
What rights do I need? I am not in a domain, but with using the same username and password on my laptop as on the server and I have no problem connecting, add/changes databases and such.
I'm just a hobby programmer that writes programs for my personal use and maybe for friends.
I'm planning on using VB.Net 2008 Express edition for my development. I was using SQLite before with VB.Net 2005, but it seems the ADO.NET provider will not work with the VB.Net 2008 Express edition, so I'm thinking of moving to SSCE.
Do I still have to sign up for redistribution rights? I looked at the choices (What Best Describes You) when you start to sign up for those rights and I don't think I fall under any.
I was hoping to either just copy the 7 DLLs to the client computer or use the redistributable MSI installer to install SSCE.
Hi, I am using SSRS 2005. Created several reports on the server where SSRS is installed. In addition I managed to develop a few more reports on my work station and then deployed the reports to the server. From my local machine I can brose to http://servername/reports and view/run the reports. Now I would like to find out if/how others can view some of the reports. How/where do I set rights...? Thanks
I'm running into an issue with a user with restricted rights being able to access a local SDF file. The user has Modify right to the folder (and the file), but cannot access the SDF if it was created by someone else.
The only two workarounds I've found are: 1) If the I delete the SDF and then the restricted user creates the SDF they can then access it. 2) If I grant Full Control to the folder then the restricted user can access the database.
Is this by design? Are there programatic changes that can be made to enable access?
All users who login to the box (Windows XP) need to be able to access the same SDF. The SDF is stored on the local machine.
Hi All, I've got an SQL 2005 server setup with some databases. I'm trying to set it up so that a user can upload his database backup and then restore the DB using Studio Express but am having some issues with it. The user can upload his database fine, but when we try and go in to restore it, he can't view the directory or file of the backup. I've added the service account that SQL runs as, as well as the SQL2005%Machine%etc... user without much luck. The only thing I can think of from here is SQL permissions and I'm a little vague on how to accomplish what I want. One other thing is that if I add sysadmin rights to the user, they can see the directories fine. I tried adding dbcreator as recommended by other posts and that didn't work either. Any help would be greatly appreciated. Thanks!
We are conducting a pilot around the 2007 DM ad in for Excel for use at our company. We have sql server enterprise (64 bit) installed with Analysis server (all on one box). I have set up the Data Mining Ad in db on the Analysis Server. I've given a business user admin rights in the data mining db on AS. We are trying to use a table in a database on the same server as input to an estimate model. When I create the model (I'm a sysadmin), I have no issues using excel to point to the table and run the model. When the user runs the model, he get the following error.
Errors in the high-level relational engine. A connection could not be made to the data source specified in the query. Either the xxx user does not have permission to access the " object, or the object does not exist.
The user does have access to the table - he actually created it. Since this works when I run the model, it seems like this has to be how AS is passing in the table? Has anyone seen a similar error?
On a different topic, how is it best to configure user access to datamining functionality? Create one AS db per user? Thanks!
I want to restrict the database not to be accessed from anywhere except my webservice...I mean, my client applications or anyone else can not be able to access the database...
I have setup a test IIS box and would like to use that as my development platform. I have installed sql express 2005 for my database on the box as well. I can setup new pages on the file server just fine.. But when I try and setup a login page and use the asp.net configuration web page to setup security which create a user DB it will not let me create it... I get the following: The following message may help in diagnosing the problem: An error occurred during the execution of the SQL file 'InstallCommon.sql'. The SQL error number is 5110 and the SqlException message is: The file "J:INETPUBNBSRECAPAPP_DATAASPNETDB_TMP.MDF" is on a network path that is not supported for database files. CREATE DATABASE failed. Some file names listed could not be created. Check related errors. Creating the ASPNETDB_4a9331c5903148ca92e3ffbee7d29976 database...
I am having trouble openning a connection to a sql server database that resides on another machine. When the web server and SQL server run on the same machine, everything works fine. When the web server and sql server are located on different machines, I get an access rights error when i try to open the connection. I suspect that this involves trust levels, but all the tweaking I have done has not resolved this issue. Any help would be much appreciated!
Hi, I want to give 'Execute' permission for all the sp to a particular user. Any straight way of doing this then to go to each sp and give him permission for every sp. TIA.