What Is The Account That The SQL Server Is Running Under?
Jul 10, 2006Hello,
I need to allow SQL server 2005 to open a file in a shared directory. Any assistance or help will be greatly appreciated!
ADVERTISEMENT
SQL Server 2008 :: Query To Find Service Account Through Which It Is Running?
Jul 23, 2015Without going to services.msc / configuration manager, is there anyway to know the service account through which SQL server is running?
View 6 Replies View RelatedASP.Net Dev Site Not Running Using ASPNET Account?
Jun 27, 2006VS2005Hi
If I run the below code (this simply connects to SQL Server and returns the user name the connection is made under): Dim Connection As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("LocalSqlServer").ToString)
Dim AttCommand As New SqlCommand("SELECT System_USER", Connection)
Connection.Open()
Dim AttendanceReader As SqlDataReader = AttCommand.ExecuteReader
AttendanceReader.Read()
Debug.Print(AttendanceReader.Item(0).ToString)I get:
MyDomainpootle.flump
Which is the account I am running on the dev machine. I expected ASP.Net to run as ASPNET irrespective of the currently logged in account. Am I plain wrong? Do I need to change something in IIS? Do I need to change something in ASP.Net?
Any help greatly appreciated
Thanks
Who Is Running DTS And Job, Owner Or Sql Agent Account ?
Dec 19, 2001Hi everybody.
Need help with secuity
1. SQLAgent servive = domainMy_local_admin
2. Job created
Ownner: domainSQLDBA
step1
exec sp_Who2
step2
Run DTS
a)Connect to ANOTHER_SQL_SERVER USING windows authentication
b) truncate table xxx
3. Run daily every 1 hr
1. Who will run job, domainMy_local_admin or domainSQLDBA ?
2. What account will be used to connect to ANOTHER_SQL_SERVER in step2
thank you
Security Problem Running Xp_cmdshell From Non-sa Account
Dec 17, 1999Our system is MS SQL Server v7 and NT 4. We have a stored procedure that exec's xp_cmdshell to run an external program located on the server. When a user who has 'sa' rights runs this stored procedure it works fine. When a 'non-sa' user (via the "BuiltinUsers" NT account) runs it, xp_cmdshell produces the following error:
Msg 50001, Level 1, State 50001
xpsql.c: Error 1385 from LogonUser on line 476
Is there an NT security or SQL Server setting I've overlooked that can be changed to allow non-sa users to xp_cmdshell programs?
n.b. The BuiltinUsers account does already have execute permission on the xp_cmdshell procedure.
SA Account (DBA System Account) Granting Priveleges But SQL Server 2000 Not Applying Them
Dec 4, 2006I have been running a script in SQL Server 2000 as sa also as a Active Directory user who has administrator rights (I tested both approaches SQL Server then Windows Authentication) in Query Analyser which grants execute rights to the stored procedures within the database instance and Query Analyser does not give any errors when I run the script. I have made sure that each transaction has a go after it. I then return to Enterprise Manager, check the rights (I apply them to roles so that when we create another SQL Server user we just grant him/her rights to the role) and discover that the role has not been granted the rights. I seems to be occurring only with 2 of the procedures. Is there a known bug that might be causing this?
yours sincerely
Craig Hoy
Running An SSIS Package As A Scheduled Job Using The SQLAgent Service Account
Apr 28, 2006Hi
Using SQL Server 2005 with SP1, I have successfully managed to schedule jobs to run SSIS packages. They connect to another SQLServer 2000 box, using SQLOLEDB connection manager, to extract data and import it into SQL 2005. The protection level for the packages is Server storage so that the job is run under the SQL Agent account. This is a specific domain account so that it can access other servers.
However, using the same setup for a scheduled job to to run an SSIS package which connects to another SQL Server 2000 box with connection manager SQL OLEDB, I get the following error message:
The AcquireConnection method call to the connection manager "xxx" failed with error code 0xC0202009.
As the both the successful and failed jobs seem to have been set up in the same way with the same protection levels and are both run under a domain sql agent account, is there anything else I should be checking that I don't know about?
Any help is much appreciated!
Account Permission For Installing/running Sqlserver And Service That Accesses It
Nov 15, 2007Hello,
I am totally confused by what account I should be running my sql server database and my business layer service as.
I take it that when installing sqlserver and my service that I should be logged in as administrator.
Should I be using "Local Service", "Local System" or "Network Service" to run these processes as?
Summary of my business layer service
* Clients connect to this service on a tcp/ip port
* It accesses the file system
* it connects to the database
Thanks,
JP
Problem In Using Linked-servers While Running MSSQLService Under Low-priv. User Account
Apr 24, 2007Hi.
While hardening a ms-sql2000 , I faced with a problem and I`m completely lost !
few days of reading and google searchs didn't gave me any hint...
Here's the scenario :
Ms-sql is connected to Oracle , through "MS OLE DB provider for Oracle" .
By default MS-SQL runs as SYSTEM , but even if we change it to a "local admin"
account , everything works fine .
The problem is that it's not wise to let sqlservice to run under privilaged accounts such
as system or a member of 'local administrators' . So I tried a normal local user on the
host running sql . I fixed every related problem appearing because of using a limited user
account and ms-sql works fine in all aspects but one !
While using normal-user account , sql-server fails to load linked-servers and this error
pops up in enterprise-manager :
"OLE/DB Provider 'MSDAORA' IDBInitialize::Initialize returned 0x80004005:
The provider did not give any information about the error."
I've tried much to find root of this error ( including any comments from related KB articles... ) but no luck . My guess is that , using OLE requires administrative privileges on host , and as I'm running SqlService with normal user, it fails to use OLE. So I should give requried permissions to the user running SqlService . But the problem is that I've no idea where/how I should do that. I've already tried some registry/file permissions but non of them helped me.
Some where I red that using ODBC instead of OLE may help , but that seems fail too !
*Note that I'm almost sure it`s a problem OUT of circle of ms-sql , meaning any modifications should apply OUT of ms-sql , because simply giving local administrative privileges to the user, fix the problem.
Any comments?
regards
Hamid.K
Problem In Using Linked-servers While Running MSSQLService Under Low-priv. User Account
Apr 28, 2007Hi ,
I've asked about my problem previously in "sql server security" forum ,but
no hint . so I've been redirected here .
here's my problem :
http://forums.microsoft.com/msdn/showpost.aspx?postid=1513189&SiteID=1
Whether To Use Local System Account Or Domain Account For Service Account
Jan 5, 2006During install of SQL Server 2005, we can of course use a domain account or the built-in system account for running the services. I lean toward domain for obvious reaons but would like to know a +/- to each option and why I'd choose one over the other and what consequences or limitations one may encounter if I choose one over the other.
View 6 Replies View RelatedRunning SQL Service Under Network Service Account
May 15, 2007Microsoft recommends that you do not use the Network Service account to run the SQL Server service (see http://msdn2.microsoft.com/en-us/library/ms143504.aspx).
Can anyone tell me what the drawbacks are of doing this?
DTS Fails As A Job With Service Startup Account As "System Account"
May 9, 2002I have several DTS jobs that runs well as a job with my nt login account for the SQL agent service startup account, but if I use the System account
they fail with this error.
" Error opening datafile: Access is denied. Error source: Microsoft Data Transformation Services Flat File Rowset Provider"
The data has change access to the System account under the NT security.
Thank you in advanced.
Jorge
Xp_cmdshell Does Not Execute For Non-sysadmin Account Even With Proxy Account
Mar 2, 2004Hi all, i hope you can help me.
Basically a dts package has been setup that pulls in data from another companies server, this data requires to be on-demand i.e individual users can pull in updates of the data when they require it.
I am using xp_cmdshell and dtsrun to pull in the data. This obviouly works fine for me as i am a member of sysadmin.
Books online quotes " SQL Server Agent proxy accounts allow SQL Server users who do not belong to the sysadmin fixed server role to execute xp_cmdshell"
So i went to the SQL Server Agent Properties 'Job System' tab and unchecked 'Non-sysadmin job step proxy account' and entered a proxy account.
The proxy account has been setup as a Windows user with local administrator privilages and even a member of the sysadmin server role - just in case.
Now when i log onto the db with my test account - a non-sysadmin - and attempt to run the stored proc to import the data i recieved the message 'EXECUTE permission denied on object 'xp_cmdshell', database 'master', owner 'dbo' '
hmm... so basically i have either misunderstood BoL or there is something not quite right in my setup.
I have search the net for a few days now and yet i can find no solution.
Can anyone help?
Domain Account Vs Local Account For SQLServerAgent
Jul 20, 2005Hi there,BOL notes that in order for replication agents to run properly, theSQLServerAgent must run as a domain account which has privledges to loginto the other machines involved in replication (under "SecurityConsiderations" and elsewhere). This makes sense; however, I waswondering if there were any repercussions to using duplicate localaccounts to establish replication where a domain was not available.Anotherwords, create a local windows account "johndoe" on both machines(with the same password), grant that account access to SQL Server onboth machines, and then have SQL Server Agent run as "johndoe" on bothmachines. I do not feel this is an ideal solution but I havecircumstances under which I may not have a domain available; mypreliminary tests seem to work.Also, are there any similar considerations regarding the MSSQLSERVERservice, or can I always leave that as local system?Dave
View 1 Replies View RelatedDomain Account Without A SQL Login Account
Apr 25, 2007I have a situation that I have discovered in our QA database that I need to resolve. When I looked at the Activity Monitor for our server, I discovered that a process is running under a domain user account for one of our .Net applications. The problem is that that domain user account has not been created as a SQL login account on the server. I am trying to figure out how someone can log in to the database server with a domain user account that has not been added to SQL Server as a login account.
Does anyone have any insight on this? I don't like the idea of someone being able to create domain account that can access the database without me granting them specific access.
- Larry
SQL SERVER ACCOUNT
Feb 20, 2008How can I find out what account sql server is running under?
View 2 Replies View RelatedSQL Security :: What Windows Account Used Server Login To Access Server
May 14, 2015If we have a "pool" SQL login, a one that uses SQL Server authentication, and this login is used by different domain account to access SQL Server, is there a way to audit which domain account used that "pool" login to do something on a object in SQL Server? I have to keep this way of accessing SQL Server, so how to create a login for every domain account accesses SQL Server
View 7 Replies View RelatedUsing Windows Account To Log On To Sql Server
Sep 15, 2002hey,
i am currently trying to connect to sql server with one of the windows user accounts. I am trying to connect to it via a browser using a dns-less connection. I have put in all the correct user name and password details and it comes back with Login failed for user xxxxxxx.
If i create a user in sql server and put those login details in, it works fine.
Can i use windows users with a dns-less connection???
SQL Server Start Up Account
Oct 19, 2006I wanted to make SQL Server starts up with a certain user account.
But when I entered a user account and password, a message appeared saying something like "user account and Security ID have no mapping......If you choose to proceed, SQL Server might not be able to start up".
Does anybody know how to fix this ?
Thanks in advance.
SQL Server 2012 :: How To Run A Job Using Different Account
Jul 21, 2014I have a job that needs to execute with different account. I figured i need a proxy so i have created one.Now i need to configure a job that runs a store procedure using that proxy account.
View 3 Replies View RelatedSQL Server Service Account
Jul 20, 2005SqlServer2k is on the domain serverSqlServer2k is on a laptop tooI want to copy a database from the domain to the laptop over the networkusing the copy database wizard.I have done this before with no problem but this time I get thefollowing error:Your SQL Server Service is running under the local system account. Youneed to change your SQL Server Service account to have the rights tocopy files over the network.I went into the properties of MSSQLSERVER under Services andApplications and see no setting described.Where do manage the SQL Server Service?*** Sent via Developersdex http://www.developersdex.com ***Don't just participate in USENET...get rewarded for it!
View 3 Replies View RelatedSQL Server 2005 Sa Account
Apr 21, 2006hi ,
i have a problem :)
my sql server 2005 is instaled on windows xp machine ( i have only remote connection on this computer ) , i made mistake and delete my account on sqlserver it was a admin account , the problem now is i cant log on sqlserver enymore becuse sa account is disabled.
What cann i do now ?
Proxy Account - SQL Server
Jan 2, 2008Hello,
I'm having trouble setting up PROXY account. I follow the documentation, and Under Credentials, I can only select Operator. Is there a way to select any account under Security?
Your help is appreciated!
Aspnet Account And Sql Server 2005
Nov 29, 2006can anyone give me step by step instructions as to how I would go about correctly granting the aspnet account access to my sql server 2005 database ??
As far as I can see Ive set it up, but im getting execute permissions errors on stored procedures even though Ive gone into properties and permissions and added the aspnet account with execute permissions.
Need Advice On SQL Server Account To Use For My ASP.NET Application
Jun 23, 2004Hi,
I know it's bad to use the built-in SA account to access SQL Server from my ASP.NET application.
I did some reading but would like some suggestions as well. One article I read talked about Application roles in SQL Server. Is this the best way to handle SQL Server access for read/write/update/delete privileges from an ASP.NET application?
If this is the way to go, how do I set it up? Can anyone suggest a good web site to read up on this?
What Account Runs SQL Server Service?
Sep 18, 2001We are debating whether to run the SQL Server service as Local System, a domain user without local admin rights, or a domain user with local admin rights. MSDN recommends local admin rights, but doesn't require them.
I would like to get some idea of how the real world handles this. If you run as a local admin, how do you handle the security implications? And if you run without local admin rights, what gotchas have you run into with extended stored procs, replication, etc?
Thanks,
Jerry Ratner
Changing The SQL Server Service Account
May 4, 2004I have a SQL 2000 (SP3) running on a Windows NT 4.0 (SP6) box used in our test environment. The SQL Server was configured to run under the local system account before I got here. In an effort to standardize things, I tried changing the SQL Service account to run under a designated domain user account purpose built for the job. We use this particular account for all of our new-build servers (which are W2K). This domain account is configured to be a "Power User" on the NT 4.0 Server in question.
Soon after changing things over to run under the new account, all the developers complained that they could no longer connect to the server. I could through QA and EM, but none of the developers could.
The developers are using WebLogic and JDBC drivers for the most part. I wasn't aware that the SQL Server service account affected client connectivity. Was I wrong or is there something else at work here?
Thanks,
hmscott
SQL Server Agent - Account Privileges.
Aug 28, 2007Hi all,
Please let me know what specific privileges an user account needs to be used as LOG ON AS account for SQL Server Agent in SQL Server 2005.
Does the account needs to me in the domain administrator group?
Thanks,
Hariarul
SQL Server Service Account Questions
Sep 13, 2007I have recently installed 2005 Standard and 2005 Reporting Services (on a separate server), today we built a service account for the SQL services in Active Directory. I planned to use SQL Configuration tools to change the account but it fails with the message:
'No mapping between account names and security IDs was done'
I ended up going through and following the manual steps outlined in KB article 283811 - http://support.microsoft.com/default.aspx?scid=kb;en-us;Q283811
But I am baffled and concerned as to why it failed.
Any advice?
Future guru in the making.
Sys Admin Cant Access SQL Server. Only SA Account Can?
Jul 20, 2005Hi All hope you can help.I have a SQL 2k Standard Ed. SP3 server that is in mixed securitymode.I have logged into EM with the sa account.Then added a Active Directory group (i.e. DomainDBAdmins) to theSystem Administrators for that server.When I try and modify the SQL server registration in EM to use trustedauthentication instead of sa I get a connection failed. Any ideas?Thanks,
View 3 Replies View RelatedSQL Server Performance Varies By NT Account
Jul 20, 2005If I have two NT accounts and performance using one account is prettyawful what might be the most likely reasons for the difference inperformance?We're talking about a few hundred thousand rows being returned from aSELECT statement within a stored procedure with a few INNER JOINS.
View 4 Replies View RelatedCannot Get SQL Server Agent To Start Using New Account... Why?
Feb 28, 2007Well, this is very confusing.
I have 2 servers that are members of the same AD Domain.
I need an account that can login to either one, but needs to be able to start a service, which my network admin says a local domain administrator cannot do.
So, I just decided to create an account with the same name, properties and password on both machines.
This I did. The account is a member of local Windows Administrator group on each server. Additionally, it is an SQL account on the SQL Server local instance, and a member of the SysAdmin group.
I can assign this account to SQL Server as the startup account (Log in with this account). That works fine.
However, when I assign this account to SQL Server, then SQL Server Agent quits running. So I try to assign this same account to this service and I get an error that the account 'Unknown' cannot login and needs to be a member of the SysAdmin group!??
This is a completely confusing error message since the account is a Windows Admin, SQL Server SysAdmin account and can start SQL Server fine without a hitch.
Anyone else having this very annoying problem ?!