Windows Integrated Logins Across Machines
Jul 28, 2006
HI,
I've got the folloing scenario:
Client app is a windows forms app on client machine. Web Service on a dev machine (Windows 2003 standard), SQL Server 2000 on a seperate machine. The user logs on to the using their windows login. I'd like to pass these credentials to the web service, have the web service impersonate the user and access the SQL Server with these credentials... not a problem I thought.
Setup windows integrated login on IIS for the web service, impersonate="true" in the web.config, Mixed mode on the SQL server. Passed the network credentials through to the Web Service, and this works correctly, however when the web service (impersonating the user) tries to access the SQL Server, I get the message about access denied, user is null, blah, blah. (if remote access the Web Service box, and call the web service locally, all works well, and voila, until the thread recycles, the client machine access also works... same user/pass)..
I've seen various posts about this but nothing seems to solve the problem. Am I right in thinking that this method (Windows integrated login) of passing credentials through to the SQL Server is the best method? If so... er, shouldn't it work? What am I doing wrong here? and if it doesn't work, what other method would work?
I've just about given up on this and thinking of passing the SQL Server Username/Password across the network (shudder), encrypted yes, but not ideal!
Anyone got any idea?
Regards
Kevin
View 4 Replies
ADVERTISEMENT
Jan 19, 2007
Hi, I'm relatively new to the admin side of websites and DBs. In the past, with hosted environments I've been used to just using SQL logins to connect to the DB from a web app, but for something I'm delevoping at the moment I have control over the DB and web server and was wondering if using a trusted connection would be better. After reading around it seems that Microsoft warns against using mixed mode authentication because of clear text passwords, the DB I'm working again currently isn't in mixed mode. So far I have set up the application to run in its own application pool under a limited user account that also has limited access to the DB. Though like this every new application that needs access to a different DB would require a different pool. What I'm asking essentially is what's the best way of going about things; set up a new pool and user for each app that requires it, using a trusted connection or turn on mixed mode authentication on on the DB. Or a mixture of the two?
View 5 Replies
View Related
Apr 3, 2007
I am a systems analyst and work with an app that runs against 2 SQL Server DBs. Though I have some familiarity with SQL Server and SQL, I am not a DBA.
The app executable is tied to a Windows service.
When we install the app, we run a process that builds 2 dbs to include:
Tables, indexes, stored procedures, views and user accounts.
SQL Server is set up for mixed mode authentication.
Normally, the dbs run off the local db user accounts which are tied to local logins with the same names.
We have a client that wants to remove our standard logins so that they can run on only a Windows login.
I know I should be able to tie the db users to a Windows login.
And I can do the same for the service.
But I am at a loss as to how to get this done.
How do you associate db users with a Windows login?
When I have tried sp_change_users_login I get an error that the Windows login does not exist. (Though I have added the Windows account to the DB.)
Hope this all makes sense.
View 2 Replies
View Related
Oct 23, 2015
I'm specifically referring to 2008 R2, and TomCat in particular (not sure of the *Nix variant involved), where I was asked if there were any configuration settings on the database side (meaning SQL Server) that can be viewed to show how long a connection to the server, once idle, will last, before it is forcibly closed. I when Googling, but as I'm not very knowledgeable on that topic, I'm not really sure what I'm looking for, and the only results I came across didn't identify what I'm looking for. Of course, it may be that such a config setting doesn't exist, but it would be useful to know how such things are handled.
View 0 Replies
View Related
Apr 7, 1999
Hi All,
Can we implement a table level (object) security on the groups of the windows NT domain using the integrated windows NT security so that one group has
the permission over one table to update ,select ,delete the information and other group has permission has for some other table.
Thanks
Ajay
View 3 Replies
View Related
Apr 29, 2005
In my architecture I have a Domain Controller with Active Directory (DOMAIN_A), IIS 6.0 (WEBSERVER) and SqlServer 2000
(SQLDBSERVER).
The WEBSERVER has a
.NET application with windows authentication. The .NET application interacts with the
database server. I want to use Integrated Security to pass in
the users login credentials to the database to run any database calls so that I can
audit who is making what calls on the database.
The connection string
I am using for this is as follows:
string connStr =
"Server=SQLDBSERVER;Database=xxx;integrated
security=SSPI";
The problem arises
after I login to the web application (I use the user DOMAIN_ASomeUser where
SomeUser is a user who has permissions set up to make all of the database
calls). After logging in however, when I go to a page that makes a database
call I get the following error:
System.Data.SqlClient.SqlException: Login failed for user
'DOMAIN_AWEBSERVER$'.
It seems that for some
reason, .NET is not passing the login name SomeUser, but instead is passing
SERVERNAME$. Would anyone pls have any ideas how I can implement this. Any guide or references would be much appreciated.
Thanks in advance.
View 2 Replies
View Related
Dec 17, 2006
Hi,
I am having a problem in applying subscription to a report.
Here is my case:
I have a datasource with 'Windows integrated security ' authentication, yes....I am using windows domain authentication, so login info is not stored in DB but its authenticated from domain. Now the report I want to use subscription on is using this DS. I read it somwehere that I can use rsconfig -e -u -p option to assign user to unattended reports.
I think, this is the unattended report. I tried with rsconfig and then clicked on 'new subscription option'...and i got error (again) saying 'Subscription can not be created because the credentials used to run the report are not stored...or if linked report.....blah blah...'
I want to use subscription to this report but with 'Windows integrated security', is there any way I can do it ?? How can I assign some user to this report without changing authentiation method and use subscription ?
Help me ...I am stuck, this is the last milestone in my project !!!
Thanks,
Prashant
View 8 Replies
View Related
Mar 1, 2007
I have a set of reports that read from an Analysis Services cube. Permissions are managed at the cube level since different users should look at the same report but different data. This is why for those reports, the data source has Windows Integrated Security set.
Those same users should be able to subscribe to those reports, the problem is that for subscriptions to work, the data sources must store the credentials. This means the filtered reports are lost since the stored account will show all the reports for all users.
Is there any way of generating "filtered subscriptions"?
Thanks in advance
View 3 Replies
View Related
May 30, 2007
Greetings Folks,
We have a SQL Server Reporting Services instance running SP2. I have attempted to add a domain group in a trusted domain to the server to enable regular users to access reports. I have added this group to the instance folder as a SYSTEM USER and home as BROWSER. I am allowing those settings to be inherited down through the folders (reports and data sources) to the reports. My test user in this report receives:
The permissions granted to user 'DOMAINuser' are insufficient for performing this operation.
(log shows HTTP 500)
when the user attempts to use the URL to go directly to the report. If we try to navigate from HOME and walk the folders the user sees a blank HOME page.
I have used other groups with no problem.
Is there something I am missing in setting up the security environment? Any help would be greatly appreciated.
Thanks, Mark
View 1 Replies
View Related
Feb 24, 2007
If my SQL Server authentication is windows integrated authentication, whenever my application makes a connection to SQL server does it contact the windows active directory domain controller to authenticate the windows user account? How does windows integrated authentication work in the background?
View 9 Replies
View Related
Oct 23, 2007
I am trying to connect as follows:
Server: Windows 2003, SQL 2005, on a domain
Client: Windows 2008 Beta, not on any domain
I created an account with the same user name as the domain user on the client machine. And then I logged in as that user and went to Manage Network Password. I entered the correct domain credentials. Verified that this worked for file shares. However, SQL does not appear to be recognizing this and it tells me:
Login failed for user ''. The user is not associated with a trusted SQL Server connection.
I have verified that this domain account is working properly with SQL when the client is also on the domain.
How can I get this Windows authentication scenario to work where the client is not on the domain and the SQL server is on the domain?
View 5 Replies
View Related
Jul 23, 2005
Hi , I am trying to connect to MS Sql server 2000 from Java (1.4.2 /1.5 ). I installed my Sql Server(8.00.382) from the one supplied withVS.NET 2001. When I installed it on my laptop it did not ask me for auser name and password. After install when I re-started my machine Isee the server started up with a green light. Now when I connect to theserver from VS.NET it works fine. This is because VS uses windowsintegrated security. I now need to connect using Java , so I downloadedthe microsoft drivers for SQL2000-JDBC sp3 from the microsoft site. Iadded the jar files to my Java project classpath. I manage to registerthe driver in java :Class dbClass = ClassLoader.getSystemClassLoader().loadClass("com.microsoft.jdbc.sqlserver.SQLServerDriver");DriverManager.registerDriver((Driver) dbClass.newInstance() );Connection conn =DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost:1433;_integrated security=SSPI");but cannot seem to get a connection as it gives an SQLException sayingthat it is unable to connect:java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC]Errorestablishing socket.I cant seem to figure it out.Can some one help ??I am a newbie to sqlserver so couldnt quite figure out how to changeadmin password or create a new user with the tools provided with thisversion of sql (SQL Server Desktop Engine).Any help will be appreciated.Ebby
View 3 Replies
View Related
Aug 1, 2006
Hello Everyone,
I am trying to connect SQL database through code but I get this error,I have spent days to solve it but unfortunately I couldn't...Here is my code in VB express(OP:windows 2000 with SP4)I am new to VB,so it makes the situation more difficult for me.
my code is:
Public Class Form1
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim conn1 As SqlConnection = _
New SqlConnection("Data Source=.SQLEXPRESS;" & _
"Integrated Security=SSPI;" & _
"database=deneme3_database;")
'Open connection
conn1.Open()
MessageBox.Show("Connection succeeded.")
'Close connection
conn1.Close()
MessageBox.Show("Connection closed.")
End Sub
The error message is,it is in german but it is clear I guess:)
" Die von der Anmeldung angeforderte "deneme3_database"-Datenbank kann nicht geöffnet werden. Fehler bei der Anmeldung.
Fehler bei der Anmeldung für den Benutzer 'ADPLANatalay'. "
Thank you in advance!
Can
View 6 Replies
View Related
Mar 17, 2007
I am trying to connect to an SQL database with a Java program compiled in NetBeans IDE. I have copied the proper .dll in the auth folder to the same folder as the .jar file required. I have tried a lot of things for a lot of hours, and am still coming up with the message "Driver is not configured for integrated security and "could not load the xxxxx.dll
Has anyone come up with a solution or a workaround to this problem. Please help. I have read the documentation until I am blue in the face. Please only respond if you have a 64 bit machine.
Thanks, Frank
View 1 Replies
View Related
Jan 4, 2006
Hi, Happy New Year!
I have been struggling with this problem for a while with SQL 2005. I have never had such login problem with SQL 2000. Here is the scenario:
I have installed SQL2005 standard version on a XP Pro box and I am trying to access it from another XP Pro machine. I can access it using a SQL user name and password that I set up on the server, but I have not had luck with using Windows NT Integrated security. When I try to connect to it (e.g. by a UDL file), I get an error saying Login failed for user €˜HP-AMD64Guest€™ where €˜HP-AMD64€™ is the name of the PC running the SQL 2005. I can access the files on the machine without any problem. I do not understand why it uses €˜Guest€™ that is not what I use to log on my machine. Does anyone have any clue to offer me?
Thank you in advance!
h
View 14 Replies
View Related
Jun 1, 2006
I have a very confusing problem that I'm going to attempt to relay concisely:
I have a LAN on which I'm running an Intranet web site built in ASP.Net 2.0 and using SSRS / Sql Server 2005 on the same server.
The name of the box is "warehouse" or "warehouse.mydomain.us." When I ping "warehouse," I get a response from 137.86.166.8, as I should. Likewise, I get a response from 137.86.166.8 when I ping "warehouse.mydomain.us." If I do a "ping -a" on 137.86.166.8, it correctly resolves to "warehouse.mydomain.us." Based on the facts presented in this paragraph, I believe that my DNS is working as expected.
Using IE (6.0.2900.2180.xpsp_sp2_gdr.050301-1519) with "low" security settings, I navigate to http://warehouse.mydomain.us/lex/ (Lex is the name of the app) and it authenticates me to the index page (which calls the SSRS web service to get and display a list of available reports), except that I get the login prompt three times. If I hit F5 (refresh), I get three more login prompts and then I get a 401.1 error. From this point, no matter what I do, I can not see the index page again without closing and restarting IE.
I know that IE only passes credentials to certain sites, so I add my domain (http://warehouse.mydomain.us/) to the Local Intranet list ( Tools->Internet Options->Security->Local Intranet->Advanced) and then I can refresh and see my index page once, but I still get 3 login attempts and then the same thing happens -- I refresh and go through 3 logins and then get a 401.1.
If I now change my address bar to read http://137.86.166.8/lex, I get a single login and it works like a champ. This makes me think that there's a DNS problem, so I open up Mozilla Firefox and wouldn't you know it -- Firefox works like a champ all around -- one single sign-in, it keep credentials between Lex and SSRS, and it appears to use the DNS correctly. However, I can't use Firefox because I can't get any of the SSRS reports to look like they're supposed to in Mozilla-based browsers.
Argh.
I have set my IE securtiy settings to "Low." I have added the primary domain to the Local Intranet list and also to the Trusted Sites list (but you can't do both at the same time). I have even added the internal IP to my "hosts" file.
Does anyone know anything that might be a help to me in getting this figured out?
Other notes of interest:
My machine is an XP machine, but is not on the domain, but I do have a valid domain login that I use and it works in Firefox without problem.
View 6 Replies
View Related
Aug 12, 2015
I have an acctest server (XX-ATS-ASSHP102) running SSRS, SQL DB Engine & SSAS. I'm trying to configure NATIVE SQL Reporting Services to use a data source with Windows Integrated mode towards a SSAS cube on the same server. When I use the servername (or 127.0.0.1) it works perfectly. But when I use the DNS name bidb.acctest.internal it fails with the error "The connection either timed out or was lost.". The profiler on SSAS says "anonymous login" so the Kerberos login is broken at some point.The weird thing is that this works perfectly in production environment, but I've missed something in the ACCTEST environment.The SPN for the serviceaccount running SSAS has correctect SPN:s:
MSOLAPSvc.3/bidb.acctest.internal
MSOLAPSvc.3/bidb.acctest.internal:MSSQLSERVER
MSOLAPSvc.3/XX-ATS-ASSHP102
MSOLAPSvc.3/XX-ATS-ASSHP102.XX.XXXXXXXXXXX.net
MSOLAPSvc.3/XX-ATS-ASSHP102.XX.XXXXXXXXXXX.net:MSSQLSERVER
MSOLAPSvc.3/XX-ATS-ASSHP102:MSSQLSERVER
The SSRS account has delegation with "any service". No account has the "sensitive" flag.DNS names are A-records, except the hostname for the SSRS site which is a c-name, but it's identical in production.The "impersonate client after login" and "replace token" permissions are correct in the policy.The rsreportserver.config says:
   <Authentication>
      <AuthenticationTypes>
         <RSWindowsNTLM/>
      </AuthenticationTypes>
      <RSWindowsExtendedProtectionLevel>Off</RSWindowsExtendedProtectionLevel>
      <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
      <EnableAuthPersistence>true</EnableAuthPersistence>
   </Authentication>
both in production and in acctest env..
View 2 Replies
View Related
May 12, 2008
I know from searching this forum that there have been many variations of the issue I'm currently suffering, but I haven't found anything quite like mine or a solution to solve it. The issue I'm running into is that I am unable to log on to Reporting Services using Management Studio or the web interface when Windows Integrated Security is enabled. I have full functionality using basic security, but the risks involved make it impossible to deploy basic authentication out into production. The error I'm receiving in Management Studio is The request failed with HTTP status 401: Unauthorized. (Microsoft.SqlServer.Management.UI.RSClient). I recieve the same error when I try the web interface.
I've looked the most recent logfile in WindowsSystem32LogFilesW3SVC1 and these entries match up to the time I attempted my authentication.
Code Snippet
2008-05-12 20:30:42 <Edited: Server IP> GET /reports - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:42 <Edited: Server IP> GET /reports - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 301 0 0
2008-05-12 20:30:42 <Edited: Server IP> GET /reports/ - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:46 <Edited: Server IP> GET /reports/home.aspx - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 302 0 0
2008-05-12 20:30:46 <Edited: Server IP> GET /reports/Pages/Folder.aspx - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 2 2148074254
2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 0
2008-05-12 20:30:47 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 2148074248
2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 2 2148074254
2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 0
2008-05-12 20:30:49 127.0.0.1 POST /ReportServer/ReportService2005.asmx - 80 - 127.0.0.1 - 401 1 2148074248
2008-05-12 20:30:50 <Edited: Server IP> GET /reports/Pages/Folder.aspx - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 500 0 0
2008-05-12 20:30:50 <Edited: Server IP> GET /Reports/js/ReportingServices.js - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:50 <Edited: Server IP> GET /Reports/js/ReportingServices.js - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/styles/ReportingServices.css - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/blank.gif - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/blank.gif - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/48error.jpg - 80 - <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/styles/ReportingServices.css - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2008-05-12 20:30:54 <Edited: Server IP> GET /Reports/images/48error.jpg - 80 DomainUserName <Edited: Server IP> Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0
2008-05-12 20:31:07 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:31:07 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 0
2008-05-12 20:31:13 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254
2008-05-12 20:31:13 127.0.0.1 GET /reports/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 1 0
I tried to highlight one of each of the HTTP errors I am getting. 401.2 and 401.1 are the ones I kind of expected, but have no idea why I'm getting them. The 500 0 error is a bit troubling, because unless I'm mistaken thats a server side error.
Here's my current setup. As far as I can tell, I've done everything to set up correctly for Windows Integerated security.
My Specs
The server machine running all SQL 2005 services. It resides in a domain. All Clients are in the same domain.
Intel Dual Processor 3.20 gig Xenon
Windows Server 2003 w/ SP2
Microsoft Sql Server 2005 w/ SP2
Reporting Services Setup
The virtual directories Reports and ReportServer are set to Windows Integrated Security with Anonymous Access disabled. All other checkboxes in Directory Security are unchecked. For permissions in Reports, I have:
Administrators (servernameAdministrators) - Full Control
ASP.NET Machine Account - Modify, Read & Execute, List Folder Contents, Read, Write
Authenticated Users - Modify, Read & Execute, List Folder Contents, Read, Write
Creator Owner - No permissions
Domain Users - Read & Execute, List Folder Contents, Read
SQLServer2005ReportingServices]WebServiceUsers$... - Read & Execute, List Folder Contents, Read
SQLServer2005ReportServerUsers$... - Read & Execute, List Folder Contents, Read
SYSTEM - Full Control
Users (CompNameUsers) - Read & Execute, List Folder Contents, Read
In ReportServer I have the same permissions except Authenticated Users is absent.
At one point, I even added the account Everybody and gave it full control, and I still recieved a HTTP 401 error. Any help at what I might be missing would be a godsend.
Thanks.
View 1 Replies
View Related
Feb 22, 2011
I am trying to fetch the sharepoint list data into the SSRS report.
I have given credentials in shared datasource to access remote datasource.
In preview i m getting the following error:
Data extension supports windows integrated security and no credentials only.
View 3 Replies
View Related
Apr 11, 2008
I am new to SQL server 2005
Windows 2003 Server and all client PCs are all on the same network. I installed SQL 2005 std version on windows server 2003 and created a database and tables in it.
I have two users, who want to connect to SQL server 2005 from their PCs (they have windows XP):
These are two things that I need to facilitate:
1) They want to be able to write queries using Query Designer and run from their PCs.
2) I created an MS Access database on my PC, I want to use Access database as a front end to the SQL server database. I will create queries, forms in Access DB, and I want to be able to get the data from SQL server Database to do this. I guess I can use ODBC to connect to tables in SQL server database.
3) I want to connect SQL server to Oracle database, and run oracle stored procedures. I want to load the results of oracle stored procedures into SQL server database tables. I guess I will use IIS for this.
Any suggestions are appreciated, especially with item number 1.
View 9 Replies
View Related
Jul 27, 2006
Hey. I've a script which gets the SQL usernames with the information I need. Is it possible to migrate the passwords also with this information?
Also, regarding Windows Logins, do i have to worry about their SIDS when migrating to SQL 2005. I'm going to attach SQL 2000 db's onto a 2005SQL instance and these db's alreayd have the usernames assigned in them. Please let me know if there is a way out for the above two questions. thank you.
SELECT 'Create LOGIN [' + loginname + '] with password = ''hello'', sid = ',sid,
', default_database = ' + dbname + ', default_language = ' + language + ',check_expiration=off,check_policy=off'
FROM master..syslogins
WHERE name NOT IN ('sa')
AND isntname = 0
View 6 Replies
View Related
Feb 4, 2008
I€™m working on an application that needs to support multiple users without log in and out of Windows. I would like to use trusted/integrated security (domainusername) so I.T. does not have to manage two accounts per operator. Is it possible to use trusted accounts (domainusername) in the SQLClient.Connection object?
Thanks!
Sean
View 8 Replies
View Related
Jan 30, 2014
How to query in SQL to retrieve all the disabled Windows Users which are available as records(only) in the SQL Server ?
View 9 Replies
View Related
Jan 7, 2015
I am trying to write a sql script that will basically test logins for Windows NT Similar to when you bring up SQL Studio, and do run as windows NT I want to ensure my rights are not removed from SQL Servers and if so send my nice DBA an email.
How to do the connect as ? and check my permission is still set to access database with db_datawriter, db_datareader etc
View 2 Replies
View Related
Mar 23, 2015
We log ship our production database tansaction logs to a secondary database on a separate remote domain.
Incidentally, this was not set up via the "Ship Transaction Logs" wizard, but instead we had to use the various system stored procedures after restoring a copy of the database on the remote domain in standby mode.
We now have an issue where users are unable to access the remote secondary database without having sysadmin privileges. Clearly we want to avoid this!
We want to be able to use Windows Authentication mode on the server of the secondary database. But since the two domains differ, is it possible to even achieve this?
How can we set up read-only access for users on the secondary database without giving them sysadmin privileges?
View 3 Replies
View Related
Jan 21, 2007
ok, first, I know... I forgot to run a backup of the master database, and I forgot to run a script to caputure logins. Not that that is out of the way... I need to recreate the logins under the Securities tab below the databases. All the company databases have the user names and passwords assigned to them, but they are not able to login, because they are not able to authenticate to the SQL server first.
Is there a script that someone has that will copy the company database security info for the users and recreate them in the SQL security tab?
I know that I can rebuild them manually, but I need to delete them first in the application software, then delete them from the databases, and then recreate them in the application software... and as simple as that sounds... it is a slow moving process.
Any assistance would be greatly appreciated.
Thanks,
John
View 3 Replies
View Related
May 15, 2006
Hi all,
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
Thanks.
View 1 Replies
View Related
May 12, 2006
Hi all,
My work is using a shared application
which accesses a MSSQL 2000 database. To access the application, the
folder on the Windows 2003 Server is shared and users can access the
folder through a shared drive.
For the application to access the
database, it uses an ODBC connection to the MSSQL server which
originally used the SA password.
We have recently switched to using
Windows Integrated Authentication because we believe it offers a
higher level of security. However the only way in which we have been
able to enable this is to add the windows users to the SQL server.
The problem with this is that the
application sets permissions for individual users on what records
they can see within the database. We have found that by adding the
windows users to the SQL Server, they can bypass the permissions the
set by the application by simply using any application that can use
an ODBC connection, such as Enterprise Manager, and see all the
database.
One way around this would be to set up
domains of users with access privileges to the tables which reflect
the permissions set by the application, and configuring a view of the
data so they may only see the records that they have permissions to.
However to do this would require a high administrative cost to ensure
that changes made in the application are reflected in the privileges
of the SQL server.
Instead, is there a way the SQL server
can authenticate that the ODBC connection is coming from the correct
application using Windows Integrated Authentication?
This would allow the applcation to
determine security, and stop users from connecting to the SQL server
using other applications.
Alternatively, can the SQL server,
using Windows Integrated Authentication, also ask the application to
supply a username and password?
Any help with this matter would be
greatly appreciated.
Thanks!
View 4 Replies
View Related
Jul 17, 2001
Hello,
I would move a Database to another server. I try to use DTS but I have problems with this process because DB have big tables, I think. I try to use DETACH and ATTACH procedures but logins doesn't export. And more, in new server there are already logins from another DBs.
What's the best way to solve this problem?
Please, help
Thanks
View 3 Replies
View Related
Feb 28, 2002
Question - is there anyone out there running SQL Server on machines in the 2GB-4GB of RAM Range who has quick sec for a ? The documentation I have found for running SQL Server(native 32bit 2 GB RAM max) on 2GB+ machines is a little confusing (to me) if anyone can answer my question that would be great. I am running Ent SQL Server on WIN2K Adv box with 8 Xeons and 4 GB of RAM. I have enabled the /3GB switch in the boot.ini file but have not enabled AWE memory management in SQL. I have set the MAX amount of RAM avialble to my SQL box at 3GB and SQL Serve appears to be using all of the 3 GB under load. Is this the right way to set this or is there another more efficient way? Any answer explenations would be great. Thanks in advance
PS The server is only a SQL box no other apps / servers are running it.
View 2 Replies
View Related
May 17, 2007
Windows Server 2003
SQL Server 2005 Enterprise SP2
The mirroring wizard insists I enter a fully qualitifeid domain name for my servers. But my servers are not on a domain - I just address them as machinenameinstancename, which the wizard convertrs to TCP://machinename:5022. When I click Start Mirroring it tells me that this is not a FQDN, which is true. How do I make this work?
Cheers,
Mike
View 3 Replies
View Related
Jul 2, 2007
SQL server 2005 developer version
I have about a dozen db's scattered on 3 machines and want to
consolidate all of them on my desktop with the data intact.
What's the easiest, best way to accomplish this?
Can I backup on one and restore on another?
View 6 Replies
View Related
