The Local Security Authority Cannot Be Contacted
Mar 19, 2007
We have a weird issue with one of our computers.
We have a SQL 2005 server that is running our website and is accessed by our staff to run some applications (VB and Access 2003). The SQL 2005 server is at an off-site datacenter, so all access is via VPN.
We have one individual who is recieves the The Local Security Authority Cannot Be Contacted error whenever we try to create an ODBC connection to the SQL server. If the user is in our office, his computer connects fine, when he connects via an IPSEC VPN (we have tried various connections DSL, Cable and EVDO as well as Starbucks) he gets the same error. The error is sporadic, though recently it appears 80-90 percent of the time.
More info
When he is connected to the VPN, he can ping the SQL and exchange servers, as well as any of our other servers.
The issue started when he got a new computer. The computer is less than a year old, was mine previously. Hard drive was wiped and reloaded with XP Pro, 2.6 GHz, 2 GB RAM, 100GB hard drive with 70% free space.
When he connects to the VPN, he loses access to the exchange server, when he is not connected to the VPN, he accesses exchange via Outlook 2003 via RPC over HTTPS without an issue. When he disconects from the VPN, his connection to exchange is returned.
Any help or pointing in the right direction would be greatly appreciated.
Thanks
Wayne
View 4 Replies
ADVERTISEMENT
Jun 22, 2015
Why 'nt authority system' is not a Sysadmin on some SQL server 2014 ENT box? and it is on others?
View 2 Replies
View Related
Sep 5, 2007
Hi all,
I am trying to updated data on a different database on a different server. I am using linked servers for this. I can do select,updated , insert using the linked server in the management console but when i try to update the tables on remote server thru trigger i get this message MSDTC on server 'myserver' is unavailable. i checked the distributed transaction co-ordinator service in services.msc and its show that its running. Then i checked the logs in sql server 2005 and i see the following message
"The Microsoft Distributed Transaction Coordinator (MS DTC) service could not be contacted. If you would like distributed transaction functionality, please start this service."
i also see the the red stop icon on the distributed transaction co ordinator in under management in sql server 2005. i have enabled remote proc trans using sp_configure
Pls advise
View 1 Replies
View Related
Mar 5, 2001
Hello,
In NT MS suggests putting global groups into local groups and then assigning object permissions to those local groups in NTFS. I was wondering if this pattern should be followed in SQL server when assigning permissions to integrated login accounts. Is it better to use global groups or local groups?
Thanks
JJ
View 1 Replies
View Related
Jan 14, 2007
This is regarding general protection of a database hosted on a network. I am developing a database application for my college library using VB.NET, that will reside on a network.
For some reasons, I did not want to hardcode the Database location in the application. Instead, when a user logs in, he can choose the database location using a folder browser control, if the location has changed.
Now, I realize that for this, I have to put the database in a shared folder, which makes it quite vulnerable. Having pondered over the problem for sometime, a solution that comes to my mind is to place a Text file in the same shared folder that always contains the correct path of the database. When a user chooses that folder, I will read the actual path of the database from the text file, and move the database to a non-shared folder.
I haven't yet implemented this approach, but felt it better to consult someone before. So, would this approach work, and is it a good idea.
For information purposes, I consider it important to mention that the database is in MS Access. I know this is not a place for discussing it, but this is a general security concern. So, I thought
people would not mind answering it....
View 7 Replies
View Related
Sep 25, 2015
I have verified that the following services ARE running.SQL Server (SQLEXPRESS)SQL Server Browser SQL Server VSS Writer.This one however will not start ... For some reason it starts then automatically turns off.SQL Server Agent (SQLEXPRESS).When I try to connect using my <machine name>/instance and Windows Authentication I get the following error ...
"A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (Microsoft SQL Server)".The connection specified in the "Connect to Server" box was working perfectly fine before I upgraded. I thought it might have been my Norton 360 Premier but I uninstalled it.I AM having issues with the adapter frequently dropping the internet connection but I just disconnect and reconnect and that resolves itself.The other technique I tried was to replace the server name with the IP address ... <192.168.0.22>/Instance ... This actually seemed to find the SQL Server but rejected the Windows Authentication ...
"Login failed. The login is from an untrusted domain and cannot be used with Windows authentication." I have several databases on here and would hate to have to reinstall SQL Server and manually hook them back up.
View 6 Replies
View Related
Aug 15, 2007
We would like to use the SQL Server 2005 Express at our customers.
But now we have to meet the local security settings of the PC.
What is happening with the database users password (e.g. sa) when the "Maximum password age" in the "local security settings" for the password policy is to >0 (e.g. 30 days)?
Because this cause a frequently change of the passwords at the customers!!!!!!
View 1 Replies
View Related
May 31, 2007
Hi Remus,
I am experiencing the same problem, and I can't get the easy fix to work. I drop and create the DB's in between tests, so it is not related to having an old certificate in the DB, as in the case of Tilfried.
The situation is as follows:
DB1 owned by login1, has a user for login2; this DB is for the initiator
DB2 owned by login2, has a user for login1; this DB hosts the target
Both DB's have TRUSTWORTHY flag set to ON
Error in sys.transmission_queue: 'Error 916, State 3: The server principal "Login1" is not able to access the database "DB2" under the current security context.
Going on a limp, I decide to add a remote service binding in DB1, binding the user for Login2 to the target service, even though BOL explicitly states that this is only required for cross-server communications. This does change the situation - I still get an error, but a new message is sys.transmission_queue: "Dialog security is unavailable for this covnersation because there is no certificate bound to the database principal (Id: 5). Either create a certificate for the principal, or specify ENCRYPTION = OFF when beginning the conversation." I already know that the first option works, but I wanted to get the simple solution running. As for the second option, I doublechecked and the initiating procedure DOES already specify ENCRYPTION = OFF in the BEGIN DIALOG CONVERSATION command. My theory is that the remote service binding somehow forces SB to use encryption, but (a) that is not stated in the error message, and (b) if so, then how to get the messages sent over to the target service without using the binding?
==> EDIT: Just saw that you confirmed this theory in your last reply to Tlifried. So I am indeed back to having to find out how to get this to work without remote service binding - it should be possible, but how???
BTW, SELECT @@VERSION shows that I'm on build 3054, in case it matters.
Between all the errors in BOL and less than helpfull error messages produced by SB, I feel like I'm slowly losing my sanity. Please help!
Best regards,
Hugo Kornelis
View 6 Replies
View Related
Sep 18, 2007
We have an application store in a web server using IIS 6.0, however the application is communicating to sql 2000 that is stored in a 2000 server. In IIS 6.0 the application pool is set to Network Services, therefore sql 2000 is looking for a user called 'NT AUTHORITYANONYMOUS LOGON'.
But the login failed, and I don't see how to add NT Authority as a user in a 2000 server like you can in a 2003 server.
In all, we are trying to set permissions to certain users only by using the identity impersonate='true' in the web config file, but even with this setting set to true, and our network information set as a user in sql 2000, we still are denied access to the data.
What are some things we need to look for and what configuration do we need to set?
Thanks,xyz789
P.S.We also have all the permissions check to have access to all the tables and store procedures for each user.
View 2 Replies
View Related
Jan 18, 2008
I have googled this to my hearts (dis) content, and all the answers I have found either rely on 1) creating untrusted connections, or 2) hard coding your password into the page. Neither of which I am satisfied with. Here is my scenario:I am using Visual Web Developer 2008 Express Edition to construct an intranet site on my companies corporate network. I am using a development PC which sits not far from the main server I will be utilising for the hosting of the intranet site. I have local admin privileges to this server (as well as the box I am developing on). I do not have privileges to the domain controller (but that doesn't seem important to me anyway).I have created a database in SQL Enterprise Server on the intranet server and am using that database thru my development box. ie, the (test) data is already on the server and I have VWD2008EE access the data directly. Now this works as expected and without problem. I can create data sources and controls and they work on my development box. I can create data access code that also accesses the database, and it works correctly, ie, I see the data. However, when I import the code/pages to the production server, I get this error message: Login failed for user 'NT AUTHORITY/NETWORK SERVICE'."What puzzles me is that the VWD development server can access the database without a problem, yet if the pages run from the server itself, the database is no longer accessible. And it is the same database we are talking about. Disabling any form of security is not an option.Also, Windows authentication (ie using the domain controller) is the ONLY for of authentication available to me.I am guessing I have to add a particular type of user to the production server, but where and how is a little beyond the scope of my knowledge. There is no "Network Service" user (should there be?)Any help would be GREATLY appreciatedFurther info if required:Development PC - Windows XP Pro SP2 on a corporate network, logging in through a domain controllerProduction PC - Windows Server 2003 Enterprise SP2 using IIS V6.0 and SQL Enterprise Manager 8.05.02 (ODBC V: 3.52.0000)This is the code I use to access the SQL server(remember, this works from the development PC to the production SQL server, just not form production PC to production server): Imports System.Data.SqlClientProtected Sub Page_PreRender(byval sender as object, byval e as system.eventargs) Handles me.prerender Dim dbcon as new SqlConnection("Data Source=F001;Initial Catalog=Whiteboard;Integrated Security=true;") Dim myCommand as new SqlCommand myCommand.Connection = dbcon myCommand.CommandText = "SELECT * FROM tbl_rooms ORDER BY [d_date], [r_id], [t_from]"
Dim myReader as SqlDataReader dbcon.Open() ' <-- this is where the error comes in ONLY on production PC '... code which reads the table and prints it (this works)
dbcon.Close
End Sub
View 3 Replies
View Related
Jul 12, 2004
Is there a way to grant other users the ability to view jobs run by the SA login short of making them admins ?
-Dave
View 1 Replies
View Related
Aug 22, 2006
I'm having an issue with .NET and SQL Express. I have a windows service application that retrieves data from a SQL Express database. The service Log On properties are set to log on as NT AUTHORITYNetworkService. The service works as expected in my test and development environment. I have tested this on XP SP2 and WIN2K SP4.
I installed this on a production machine, running XP SP2, and I get the following error:
Login failed for user 'NT AUTHORITYNETWORK SERVICE'. [CLIENT: <local machine>]
If I set the Log On properties for the service to "Local System Account", it works as expected.
I checked for any differences between my develpment installation of SQL Express, and the production installation, but could not find any descrepancies.
Does anyone have some suggestions?
View 5 Replies
View Related
Jun 9, 2008
Hi,
I can view the site fine on VS developlement sever, but not through IIS 7. Whenever i try to run it, i get this error: Login failed for user 'NT AUTHORITY/SYSTEM'. The problem is that i am not using this user to access my database, so i don't know where it came from. I mapped this new user to my database and changed my web.config file accordingly to see if it works, but it did not.
i have looked high and low for this, but i don't seem to find a solution that solved my problem. I am running Vista, IIS 7 and have forms security on my website.
Any suggestions will be very much appreciated.
E
View 5 Replies
View Related
Jul 23, 2005
I have two win2003 servers. One is IIS and the another is SQL server. Ican use MyConnection=newSqlConnection("server=SQLServerName;database=myDBName;UID=sa;PWD= mypwd")to access my data. But I can not use MyConnection=newSqlConnection("server=SQLServerName;database=myDBName;IntegratedSecurity=SSPI") to access it. If I put both IIS and SQL Server in onemachine, I can do anything. How can I do something to allow trustedauthority work ?Thanks
View 1 Replies
View Related
Sep 6, 2006
Hi
I am trying to install SQL Server 2005 Express on my machine, which has Windows Server 2003 with Service Pack 1. I could not able to install properly and i am getting error always.
Here is the Error I am getting always "The certificate chain was issued by an authority that is not trusted" . I am trying for past few days i could not able to resolve.
Please help
Thanks
Here is the Error message from Summary.txt
Microsoft SQL Server 2005 9.00.1399.06
==============================
OS Version : Microsoft Windows Server 2003 family, Service Pack 1 (Build 3790)
Time : Tue Sep 05 12:31:18 2006
--------------------------------------------------------------------------------
Machine : SERVIDORCC
Product : Microsoft SQL Server 2005 Express Edition
Product Version : 9.00.1399.06
Install : Failed
Log File : C:Archivos de programaMicrosoft SQL Server90Setup BootstrapLOGFilesSQLSetup0008_SERVIDORCC_SQL.log
Last Action : InstallFinalize
Error String : SQL Server Setup could not connect to the database service for server configuration. The error was: {Microsoft}{SQL Native Client}SSL Provider: The certificate chain was issued by an authority that is not trusted.
Error Number : 29515
--------------------------------------------------------------------------------
SQL Server Setup failed. For more information, review the Setup log file in %ProgramFiles%Microsoft SQL Server90Setup BootstrapLOGSummary.txt.
Time : Tue Sep 05 17:12:41 2006
View 1 Replies
View Related
Jan 23, 2007
Hi,
I have several reports for users to view on our Intranet. After installation of SQL 2005 SP2 patch, I cannot delete user or user's authority from Report in Properties Tab. An error message was shown on the status bar. It indicated that JavaScript Error: 'Return' statement outside of function. Seems something wrong with the 'Delete' funciton in SQL 2005 after update. The other functions worked fine. Could you point me out how to fix it or need to install any updates / hotfix. Thanks a lot!
Regards,
Kenneth Lai
Programmer
Error Pic
Message Box
View 1 Replies
View Related
Oct 2, 2007
We have a 64-bit VM server running SQL Server 2005. The SQL Server on this particular VM server has 6 local instances installed. On the Management Studio logon screen I can type the full name of the local instance and connect to it, however if I press the drop down in the Server name field, choose Browse and select the Local Servers tab there is nothing listed under Database Engines.
Any idea why the 6 local instances don't show up under Database Engines? This is preventing me from installing a vendor application because their installer looks for local SQL Server instances on this server, but if SQL Server won't even show the local instances then the installer doesn't see them either.
Any help is greatly appreciated.
Thanks,
Craig
View 3 Replies
View Related
Dec 2, 2014
I have just finished configuring my first test mirrored environment (High safety mode). I setup the database engine service accounts on each of the servers with domainuser. I inherited a production mirrored environment set up by someone else. On the production servers the database engine service account is NT Authorityuser a local account. I am trying to practice installing Windows updates within a mirrored environment and I not sure how to proceed when the service account is NT Authority user account. should I change the service account to a domainuser?
View 2 Replies
View Related
Jun 7, 2006
I am facing a problem in connecting to the local database with server name as (local).
I have installed SQL Server 2005 in my machine. When I try to connect to the SQL server with the server name as SUNILKUMAR I am able to connect but when I try to connect to the same server with the server name as (local) I am not able to connect. SUNILKUMAR is my machine name and SQL server is running locally.
if anyone can help me what is the problem in this case it is highly appriciated.
View 7 Replies
View Related
Dec 21, 2005
Hi Everyone
I am at the stage of architecting my solution
My goal is to develop the system on a windows application and pda
There is a central server which will create a publication called inventory
The laptops which host the windows application will be subscribers to the central server using merge replication
The client now wants the PDA using SQL Mobile to synchronize with the local subscirber database on the laptop using active sync. They dont want to do it via WIFI to the IIS Server at the central server
I have been reading for days and I am still unsure whether this is possible to do.
I know Appforge provide a conduit for palm to access synchronization but not local sql databases
I would appreciate your help immensley
View 7 Replies
View Related
Dec 4, 2014
I use from sql server 2008. and c#
what is the best connectionstring?
I don't know if i use Persist Security Info and Integrated Security or not?
And if yes then their value must be true or false?
View 1 Replies
View Related
Oct 14, 2005
Hello there I have trying to figure out for days how to enable FullTrust for my Reporting Services security extension.
View 9 Replies
View Related
Jul 31, 2007
Hi,
I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.
The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says:
Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.
For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;
in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.
My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?
The article also says:
"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."
So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.
I can only get one result at a time but not both:
either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.
Your help is highly appreciated!
Desperate developer
View 1 Replies
View Related
Apr 26, 2007
hi i want to know what is the differance between
Persist Security Info=False;Integrated Security=Yes;
View 1 Replies
View Related
Jan 31, 2008
Being a very novice SQL Server administrator, I need to ask the experts a question.
How do I go about moving a database from 1 drive to another? The source drive (C is local to the server, but the target drive (E is on a Storage Area Network (SAN), although it is still a local drive for the server. I want to move the database from C: to E:. Can someone provide me with instructions?
Thanks,
Rick
View 4 Replies
View Related
Oct 18, 2015
Is there any possibility to schedule SQL job execution as Windows Security Group? I need to run powershell script through SQL job with one of this group member's permissions.
View 4 Replies
View Related
Jul 6, 2007
I have Sql Server Express installed on Vista (service pack 2)
I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.
The login ID of the service is added to the database.
The database has remote access turned on.
The ID is granted access to all databases within the server.
The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.
The dataserver is set with using Windows Authentication for security.
When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.
How to I get past this? I've done everything right.
View 1 Replies
View Related
Jun 18, 2007
I want to use an Active Directory security group that is a Distribution List for a new role assignment for an existing report. Can someone tell me if this is possible? I get an error each time I try:
The user or group name <DLName> is not recognized. (rsUnknownUserName)"
View 1 Replies
View Related
Dec 7, 2006
This is my first time to deploy an asp.net2 web site. Everything is working fine on my local computer but when i published the web site on a remote computer i get the error "Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed" (only in pages that try to access the database)
Help pleaseee
View 3 Replies
View Related
Jul 20, 2005
Is there anybody out there with a MS SQL 2K Security Baseline orSecurity Checklist. Where can I get one????Thanks in advanceDavid
View 1 Replies
View Related
Feb 28, 2008
Hi;
I am looking for a way to log all security related events for SQL in Windows Security Log. I am trying to use SCOM for monitoring SQL and I am looking at ways to generate alerts in my SCOM Console for specific events in SQL e.g. A table is deleted, user is modified, deleted, etc. Is this possible and if yes how do I achieve the same?
Rgds;
View 6 Replies
View Related
Aug 3, 2006
In an environment where there are many initaitors speaking to a central target with frowarders in between, from what i can understand this best policy is to disable encryption on the endpoints, since dialog encryption will be enforced this is all that is really required, is this correct.
If the endpoints used encryption the message would need to be encrypted and decrypted at each forwarder resulting in slower perfromance, where as dialog encryption would only encrypt at the sender and decrypt at the target, so is this the best way to go?
Secondly is it best practice to open a dialog initally and send messages over this dialog for years never ending the conversation? This way the services only have to authenticate eachother once, if there are no reboots etc that is of course.
I would think performance wise sending each message and ending the conversation each time is a much greater overhead ? So would it be best practice to keep dialogs open and keep sending messages ?
Initally when i was learning service broker i thought that one must send a message and end the dialog until the next message, but i think the other way is the best option ?
Is this correct ?
Thanx
View 1 Replies
View Related
Feb 19, 2007
Hi
I'm designing a distributed application where I will have SQL Server 2005 distributed databases replicating data to my central hub which is again a SQL Server 2005 database using SQL Service Broker. Data will be sent from the central hub to the distributed sites and vice versa. I need to authenticate the communication and also secure the communication by encrypting the messages. Which security shall I use? Where do I configure the type of security being used? What is the difference between transport security Vs dialogue security - Full security model?
Thanks
View 4 Replies
View Related
