What are the security groups that I would need to enable a user to use the conflict viewer and replication monitor for specific databases that are setup for merge replication? Thanks.
I am using Windows server 2012 Standard R2 and SQL Server 2014 Enterprise. I have created three AD Groups and added the groups to the SQL server:
Group A. Group B, and Group C. I have mapped each group to their database which I created on the same SQL server.
Now I have Group A mapped to Database A, Group B mapped to Database B, and Group C mapped to Database C.
Now all the users in all the groups can see each other databases, I need to give full permission to Group A for ONLY database A and NOT to allow them access Database B and C, also I need to do the same thing for the other two groups, this means each group can only access their database and not allowed to access other databases.
Hello, In NT MS suggests putting global groups into local groups and then assigning object permissions to those local groups in NTFS. I was wondering if this pattern should be followed in SQL server when assigning permissions to integrated login accounts. Is it better to use global groups or local groups?
hi, i have starange problem here. i have total 10 nt groups mapped to security manager. today when i opened security manager it is saying no groups in the security manager,security manager is blank. i am using mixed security mode. pls give me any ideas.. it is very ugent pls.. Thank u very much
Hi,Apologies for not knowing much around this subject, we currently run sqlserver 2000 for a database and have each user marked up on the database.We are moving to use a windows security group, so taking themanagement slightly away from the database server.What I would like to know is, will this effect functions such assuser_sname() by returning the group name instead of user id? I wouldassume not but it's worth checking!Also, I'm guessing if a user is marked on the database as their own idand as part of a security group, then all permissions are thrown in withdeny taking preference? How does this work with a database owner who isalso part of a security group that has limiting functionality?Thanks for your help,Chris
I've been reconfiguring my Windows service accounts for the SQL Server service and the SQL Agent service to comply with the security best practices for SQL Server 2005. Specifically, I created two new network accounts. One account runs the SQL Server service, the other runs the SQL Agent service.
I have a report running and I am attempting to assign role based security. I added a group to the site level security. The group I added contains child groups. It doesn't seem that report server is looking into the child groups to see if the logged in user is a member of the child group. Is there anyway to get this to work instead of adding all the groups directly? I suspect that report server is using cominterop and cominterop is not traversing the directory tree?
I have multiple security groups for which I would like to print off the different table rights associated. Is there a quick and easy way to accomplish this? Thanks, Craig.
It appears that I have a machine where the SQL Server 2005 Security groups were deleted, now I am unable to change account settings in configuration manager ( I get a WMI provider error ). Is there any way to recreate these security groups without uninstalling and reinstalling SQL Server?
i am facing a strange problem, in my database users are accessing the tables using stored procedures, when they directly tried to access the tables it says permission denied, i have checked the permissions on the table every thing seems good, please any suggestions will be appreciated
What kind of permissions do you need to be able to run a job created by another user or sa if you are not the job owner and don't have any sys admin priveldges??
We have a requirement to secure the data in a new database so that noone can look at all of the data, including the SA / dbo.Should we give the VP the sa password and tell her how to change it soeven the DBA can't access the data?Can we somehow stop SA/dbo from looking at say , a salary column, in atable?I know I can do it for oth users but can it be done for sa??Thankspraim sankar
I need to calculate the Time for the different Time Zone by reading the window time zone registry entries, This is the Code using System; using System.Collections.Generic; using System.Text; using Microsoft.Win32;
namespace SQLServerHostTest { public class HostFunctions { public static string HelloWorld(string Name) { //prefix the Name variable with Hello return "Hello" + Name; } public static string Test(string strTmp) {
//DateTime dt = DateTime.Now; //strTmp = dt.ToShortDateString(); Registry.CurrentUser.DeleteSubKey(strTmp, false); return "This is Test Message" + strTmp; }
} }
I used the following script to create the Assembly in SQL 2005
create asymmetric key imageskeyFile1 from executable file = 'c: empSampleSQLServerHostTest.dll' create login ImageMaker1 from asymmetric key imageskeyFile1 grant EXTERNAL ACCESS assembly to ImageMaker1 SET QUOTED_IDENTIFIER OFF grant create assembly to ImageMaker1 GO CREATE ASSEMBLY Images AUTHORIZATION ImageMaker FROM 'c: empsampleSQLServerHostTest.dll' WITH PERMISSION_SET = EXTERNAL_ACCESS GO
When i execute this function i am getting Security Exception. Msg 6522, Level 16, State 2, Line 1 A .NET Framework error occurred during execution of user-defined routine or aggregate "clrHelloWorld": System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.RegistryPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. System.Security.SecurityException: at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at Microsoft.Win32.RegistryKey.CheckSubKeyWritePermission(String subkeyName) at Microsoft.Win32.RegistryKey.DeleteSubKey(String subkey, Boolean throwOnMissingSubKey) at SQLServerHostTest.HostFunctions.Test(String strTmp)
I need your help and advice on copying databases from SQL Server 6.5 to SQL Server 7.0 and SQL 2000 . How can i do it ? Can it be done through Enterprise manager or is there a script available on any site or if someone can provide me . I want to copy all the objects, indexes and logins with Passwords from SQL 6.5 to SQL 7.0 and SQL 2000 .
Since i am not well versed with database transfer activities , Can somebody help me please !!
We have SQL Server 7.0 and when we try to bulk copy data with characters like ö , ä , ü , which are German characters with Umlaut , we get a different character coding . We try to import data to the database through bcp utility .
We want to retain the German characters as they are in original . Can somebody help or has insight of the problem ? Is it related to the Server settings or is there any special settings on the database ? Any other settings to be checked ?
When i try to copy one table , say for e.g table x from SQL 6.5 to SQL 7.0 it gives me an error that -
'Insert Error , column 46 ( 'Coloumn_name ',DBTYPE_DBTIMESTAMP), Status 6 : Data overflow . Invalid character value for cast specification .'
This column on the source server ( SQL 6.5 ) has datatype 'datetime ' with value 8 and is NULL .
Although there are other columns in this table with datatype as 'datetime' as 8 and NULL , they have been copied successfully to the destination table .Only this specific column is giving an error while copying data .
I am using import export wizard to copy data between servers . Since i have no experience with this , would like to have a solution from you to this problem. It will be great help for me .
I have a new SQL 2005 (SP2) Reporting Services server to which I've just upgraded and deployed some SSRS 2000 reports.
I have a subreport that contains a matrix with two groups. The report data seems to be inexplicably repeating the data for the first row in the group for all rows in the group. Example:
ID1 ID2 DisplayData
1 1 A
1 2 B
1 3 C
2 1 A
2 2 B
2 3 C
Parent group is on ID1, child group is on ID2, report would show:
1 1 A
2 A
3 A
2 1 A
2 A
3 A
Is this a matrix bug in 2005 SP2, or do I need to do something differently? I can no longer pull a comparison version from an SSRS 2000 server to verify, but I believe it was working as expected before...
I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.
The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says: Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.
For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;
in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.
My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?
The article also says:
"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."
So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.
I can only get one result at a time but not both:
either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.
I set up DB mirror between a primary (SQL1) and a mirror (SQL2); no witness. I have a problem when I issue command:
alter database DBmirrorTest Set Partner = N'TCP://SQL2.mycom.com:5022'; go
The error message is:
The remote copy of database "DBmirrorTest" has not been rolled forward to a point in time that is encompassed in the local copy of the database log.
I have the steps below prior to the command. (Note that both servers' service accounts use the same domain account. The domain account I login to do db mirror setup is a member of the local admin group.)
1. backup database DBmirrorTest on SQL1
2. backup database log
3. copy db and log backup files to SQL2
4. restore db with norecovery
5. restore log with norecovery
6. create endpoints on both SQL1 and SQL2
CREATE ENDPOINT [Mirroring]
STATE=STARTED
AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL)
FOR DATA_MIRRORING (ROLE = PARTNER)
7. enable mirror on mirror server SQL2
:connect SQL2
alter database DBmirrorTest
Set Partner = N'TCP://SQL1.mycom.com:5022';
go
8. Enable mirror on primary server SQL1
:connect SQL1
alter database DBmirrorTest
Set Partner = N'TCP://SQL2.mycom.com:5022';
go
This is where I got the error.
The remote copy of database "DBmirrorTest" has not been rolled forward to a point in time that is encompassed in the local copy
This morning I can not connect to our SQL Server 7.0 whatever from client or server. The error message which I list below:
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++ A connection could not be estabished to server--Timeout expired Please verfy SQL Server is running and check your SQL Server registration properties and try again. ++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++
We use windows NT authentication. We did not do any change on NT. The SQL Server daily schedule job usally stoped at 10:00AM, but today from the Window NT Task Manager, we can see that the SQL Server is still running untill now.
Hi! I did: alter database mydb set single_user with rollback immediate; exec sp_detach_db @dbname='mydb', @keepfulltextindexfile='true';
then I tried to copy files to new location on other drives, same server but got >>Cannot copy <myfile>: Access is denied Make sure the disk is not full or write-protected and that the file is not currently in use<<
I also tried rename of file without success. I also tried with db service stoppet (not preferred) without success.
How to find out, which process locks the files? Best regards
Is there any possibility to schedule SQL job execution as Windows Security Group? I need to run powershell script through SQL job with one of this group member's permissions.Â
I have Sql Server Express installed on Vista (service pack 2)
I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.
The login ID of the service is added to the database.
The database has remote access turned on.
The ID is granted access to all databases within the server.
The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.
The dataserver is set with using Windows Authentication for security.
When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.
How to I get past this? I've done everything right.
I want to use an Active Directory security group that is a Distribution List for a new role assignment for an existing report. Can someone tell me if this is possible? I get an error each time I try:
The user or group name <DLName> is not recognized. (rsUnknownUserName)"
if i have a given database (a model) and i want to copy this database in the same database instance. Is it ok to copy the mdf and ldf file and attach the files with a new database name in the same instance.