Is there a way to access a SQL Server running on a different domain? I can access the same SQL Server from my machine, which is on a different domain using the ODBC connection, but when I try to access it using an application written in VB6.0 then I get the SQL Server does not exist error. I'm using the SQL Authentication method.
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master) -A sql server 2005 on a win server 2003 in "sub domain" AD -A linked server to "sub domain" AD -A linked server login using a "sub domain" admin acccount -A view to this linked server -A grant on masterDomain/Domain Users to the database -A grant on subDomain/Domain Users to the database -We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts. Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT * FROM OPENQUERY(ADSI, 'SELECT displayname, givenName, sn, cn (etc...) FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error: Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
I'm trying to run a test from my test environment which is a non-domain Windows 2000 server to access my domain 2003 with SQL2005. I have install 2005 tools to try to access the SQL server.
- I have try following the KB265808 - no success. - Reading alot of blogs and it seems all are pointing to the same problem. "Remote access" but the settign is enabled.Error Message:
TITLE: Connect to Server ------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=53&LinkId=20476
Question: Could Windows 2003 security be blocking access? I'm using sa account to access.
Also, sa account does not seems to work for remote access. It is ok when accessing locally.
we recently migrated from our in-house domain to the Enterprise domain. Everything went smooth except for the fact that I can no longer accept my dBs using my SA or my domain admin account. There is only 1 account I can get into the management studio with but it has no admin privileges, so I can't make any password changes or add accounts. I don't have a test environment so kind of hesitant to experiment with our production system.
I want to give a client access to a SQL Server 7 database sitting on a different NT domain without setting up a trust relationship between the two domains. Has anyone tried doing this?
I'm trying to access an SQL server 2005 database over the network. I'm at a client location plugged into their network, but when I log into my laptop I'm not logging into their domain. I have to access their network by typing in the name and password they gave me.
I cannot seem to access the database from my computer. I try to create an ODBC data source in the administrative tools, but the drop down list of detected SQL servers does not show the server I am trying to connect to. The weird thing is, it does show many other SQL servers on their network... just not the one that I'm trying to connect to. And I know that the one I want to connect to is working correctly because if I remote desktop into one of their machines (which is logged onto their domain), I can see it fine in the drop down.
Does anybody know how I can get a connection to this database from my computer, even though I'm not on the domain?
I have a quick question regarding domains and workgroups.
Currently I am working on an issue in the office of a small business. Right now there are 3 client computers that connect to a dell server running windows std. server 2003. The server has sql running on it that takes care of the invoicing system. Two out of the three work stations are able to use the database fine, but there is one that is unable to connect to the database. The only different that I could find is that the two workstations that DO work are currently set to use a workgroup, whereas the one workstation that does NOT work is set to use a domain...... I tried switching that computer to workgroup, but then I was unable to login as the normal user that I had always logged in as before.....
What can I do to solve this dilemma?
Any help would be greatly appreciated!
I apologize if this is the wrong forum for this, and if it is, if someone would point me to the correct one I would appreciate it.
I do not know if this is the correct area to post this topic? So, How to access different sql server with query analyzer? Usually, when to install sql server, it access the database server locally installed, now I like to access other sql server within a domain using query analyzer. How to configure this in order I could use query analyzer to access other sql server within a domain? Thanks in advanced.
I am receiving the following error when attempting to access reporting services... to sum things up real nice and tidy-
I get three login prompts - then the access denied response. It is almost as if it is unable to authenticate the user... anyway... here's the actual error response, I'd really appreciate any input/insight/resolution.
Server Error in '/Reports' Application.
Access to the path 'C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportManagerin' is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path 'C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportManagerin' is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace:
We are using Win2k3 R2 with SQL 2000 in a domain environment.
Is it possible to create a domain group to grant admin level and user level access to SQL2000/2005 without giving users server admin or domain admin access?
It has always been my impression that to have admin access to SQL that you had to at least had admin level access on the server.
I am seeing a couple of domain/username accounts trying to access SQL 2k5 SP2 and get the error above. The concern I have is these accounts shouldn't be trying to access SQL at all and do not exist is SQL hence the error The question I have is how can I track down what is trying to use this account and connect to sql? Thanks in advance.
John
SQL Server Log:
Message Login failed for user 'DOMAIN ampbell'. [CLIENT: <named pipe>]
We recently upgraded to SQL Server 2005, we've added SSRS to same server. This server is an internal SQL server. I can access to the reports from http://localhost and http://servername/ but how do I access reports I've created from outside of the domain? Does SSRS needed to be installed on an server with IIS and SQL Server 2005 that we can get to from outside? Please help! Thanks.
This is my first time using the forums here nor am I a SQL programmer. I'm trying to help a coworker figure out how to access files from a network share (using a UNC path) from a different domain. Right now we have three domains - Production, Development, and the Local. There is a one-way trust setup with the development and local domains, so using cross domain accounts is easy. Unfortunately, we cannot setup one right now with our production domain to any of the other two domains. Is there a way to pass production credentials from our local or development domain servers to a production server share? Am I even approaching this in the right way? Maybe there is a different method, any help would be GREATLY appreciated! -Andrew Network Administrator
We have purchased an ERP system from a vendor which uses system DSN for all the reports. The system automatically creates DSN with Sa with SQL Server. The problem is the DSN is not working with AD users.
Active Directory server: Windows Server 2008 32 Bit.
SQL Server: Windows Server 2012 64 Bit. This server is already member of my Domain. e.g. CompDomain.com
What should I need to do in client PCs or Server to avail ODBC to AD users.
I have been struggling with this one for awhile now.I have a domain group which only must view the steps and history of all agent jobs.I have added the group to the sqlagentreadergroup.I have created a new role and denied this role,add job,update job,delete job etc execute permissions.But the user still can change ,delete or create a new job.
All the groups and users in th new role,does not have sysadmin rights.
we have sql 2012 enterprise version
What else can i try.I need this for audit purposes.
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
I have a IIS server on "A" Domain. My application is hosted on on a machine which is under that domain.
I have a DB server, SQL server 2000 on B Domain. The server is a named instance of SQL Server 2000. I have a default SQL Server 7.0 on that same machine.
For the application i am trying to connect from the IIS to database server, but i am unable to connect to the named instance, but i can connect to the default 7.0 instance.
The connection string used for the application is as follows: oConn.open "Driver={SQL Server};Server=server_nameinstance_name;Database= db_name;uid=user_name;pwd=password;"
I am getting SQL Server does not exists error messege on page...
Please help, me if any one knows how to connect to the database server which is on different domain and is a named instance using the connection string in ASP page..
Hi all,Have a situation that my company has never run across before. Clientis running NT4 for the domain server, using terminal services 2000 andrunning an application with a SQL Server backend and they areexperiencing locking problems. Once one person gets locked out theneveryone trying to access that tables is also locked out as a result.It is not specific to a certain User, or module within theapplication. It's not a specific time of the day (like when a backupwould be running) and sometimes it's in the middle of the night whenthere are actually less Users on the system.We have 500 customers using this application. Most are using SQLServer backend, alot of the newer customers are using TerminalServices, and the number of Users is not accessive as compared to ourother customers. THe only difference is that I do not specificallyknow of another client with an NT4 Domain server in the mix.We actually switched to SQL Server as the recommended back end due tolocking issues using SQLBase because SQL Server is row locking andSQLBase is page locking. Since making this change we have stoppedseeing the locking for years until now. Is this a SQLServer issue orissue with the NT Domain server?Anyone have any ideas???ThanksA
I'm setting up a simple SSRS implementation for a non-profit organization, using two servers hosted at a data center. The first server has SQL Server Standard Edition and Reporting Services installed. I've designed and deployed a number of useful reports on this server.
I was hoping to isolate this first server by installing IIS and SSRS on the second server, have users browse from the Internet to that second server (over SSL, of course), and have all reports served up from databases (and, presumably, the report server database) on the first server.
During the installation of SSRS on the second server, however, I'm being prompted to specify the service account. According to the help text:
"Reporting Services. Service accounts are used to configure a report server database connection. Choose a domain user account if you want to connect to a report server database on a remote SQL Server instance. If you are using a local report server database, you can use a domain user account or Local System to run the service."
I believe I want to configure SSRS to connect to a report server database on a remote SQL Server instance; therefore, it appears that I need to enter a domain user account. The only problem is, neither server belongs to a domain; they are members of a simple two-server workgroup.
Does SSRS, configured to connect to a report server database on a remote SQL Server instance, require a domain? Does what I'm hoping to accomplish require a domain? Creating a two-server domain seems like overkill for this implementation, doesn't it?
I appreciate any comments and suggestions. Thanks!
Please help me to find the solution for following problem. I have my web server (with .NET 2.0 Framework) in one Domain(DMS01) where i have deployed my application (developed in ASP.NET 2.0). I have to access the database (SQL Server 2000) that belongs to another Domain(DMS02). How could i connect to the database that belongs to domain DMS02 from Web Application belonging to domain DMS01. Thanks in advanced for help.
I've got a website with authentication mode "forms". Now I need access to the database to authenticate the user. The SQL Server is located in another domain than IIS.I don't know how to establish a trusted connection with the SQL Server. How can I establish this?
I am trying to monitor a SQL Server in a domain we have a trust in. When I add the computer to monitor I get the choice of monitoring NT objects (Processor, memory, etc) ,but none of the SQL Objects show up. Any ideas. We are using a domain admin account to try this.
I would like to know what will happen if the domain of a server is changed. Does this effect SQL 7.0? Does this effect any current jobs running on the server?
I am trying to connect to a sql server with analysis services installed in a seperate domain with the Analysis Manager. I am getting a error connecting to server message when I try to register the server. It looks like it has to do with permission issues in that I am in a different domain. Any ideas on how to get around this without forming a trust between the two domains and then adding myself to the olap administrators group on the remote sql server?
We have a SQL Server 2000 (SP4) that is in the domain and runs under a domain account. We wanted to move it to an area with no access to the domain so I removed the machine from the domain, rebooted. SQL Server would not start because it was set to run under the domain account -- fair enough :) So I set the account to be system in the services control panel applet. SQL Server would still not run, it tried to run netlogon then that failed as it was not in a domain. I rejoined the domain and the SQL Server is happy again (and still running under local system).
Was the problem that is was set to load under a domain account when the machine was booted? Is there something else I must do to get it running out of the domain?
Hi all,We have standardized on Hyperion as our reporting tool. So far I haveonly set up a couple of Access databases as data sources for it. Nowthere is a request to report off our eOn (telephony management) SQLServer database using Hyperion. The eOn SQL Server box is in aworkgroup that is not part of the rest of our domain. (We only haveone domain because we don't have a "forest", whatever that means.) Itis behind a router owned by eOn along with a PBX and some other stuff.Setting up a data source for Hyperion requires creating a special datasource file called an .oce on the box where the Hyperion fat client(required for most administrative tasks) resides, and also setting up adifferent special data source file called a .das on the server wherethe Hyperion services run. (The analysts and end-users do not have thefat client, their access is web-based.)I have to register the eOn SQL Server by using the IP address and SQLServer authentication. (I was told that I can't use Windowsauthentication because it is not in the domain.) From the box onwhich the Hyperion fat client resides, I cannot register the eOn SQLServer. The error message is "timeout expired". Tracerting indicatesthere are no intermediate hops when attempting to connect from thisVLAN. From my desktop, which is on a different VLAN, I can connect toand register it. This trip includes one hop at our 6509. From one ofmy servers which is on the same VLAN as the fat-client box, I am ableto connect and register. On the fat-client box I tried deleting andre-registering another SQL Server and there was no problem.The IP address I have to use to connect to the eOn SQL Server is *NOT*the actual IP address of the box it resides on, but rather the eOnrouter, which translates it to the address of the server. We have nocontrol over this, eOn creates this setup. I'm not sure how it knowswhich of the devices behind it a given message is for.Ideas?
Hi all,I've done some sniffing around but apart from one post in thisnewsgroup haven't been able to find much on this topic.We have recently moved (well, quite a while ago but that's by-the-by)from an NT domain to an AD domain. One of our SQL Servers is stilljoined to the NT domain and, since this domain is soon to bedecommissioned, I need to join this SQL Server to the AD domain.Is there anything I should be on the lookout for WRT this move?As far as I can see, the only thing this would cause an issue withwould be permissions for "logins" etc. This shouldn't be an issue asthe only logins on this SQL Server are either local or from WindowsAuthenticated from our AD domain.Any advice would be greatly appreciated.Many thanks,Ian
Hi have a small network setup and have MS sql server on workstation.Can access it locally but cannot access it from other work stations.I am assuming it is some sort of logon error, being it is not adomain. Any ideas on getting by this ?
Within our Exchange Environment we use Blackberry. Our Blackberry Server is using SQL Server 2005 Express. We're migrating from Exch 5.5 to Exch 2003 (new server for 2003). Now the new Exch Server is in our new Active Directory Domain to which is not named the same as our NT Domain for obvious reasons.
Anyway, after I decomission the 5.5 Exch Server, I want to rename the Blackberry Server and move it to the new domain. Will SQL Server 2005 Express squak at me for doing this??