Odbc Errors After Joining New Domain With New User
Jun 14, 2007
Hi
I am new to this forum so I hope I have got the right one.
The problem I am having is I installed a new server into an office with 25 users. I joined the users to the new domain with new logins.
The server process then installed outlook 2003 onto each machine. Most machines are windows 2000
Problems arose in sage I have tied this down to the report designer and odbc.
On every machine bar 1 the report designer crashed when running a report. The problem like I said was that you cannot now connect to the odbc driver for sage and when you go into odbcad and try to look at the driver you get an error saying
The setup routines for the sage line 50 odbc driver could not be loaded due to system error 127
Then after that comes
Could not load the setup or translator library
I have looked on the net for this error and it tells you to look in the registry to make sure that the odbcinst is pointing to the correct location, I have checked this and it is. I ahve also checked the security and this seems ok aswell.
The next step was I loaded a fresh copy of windows 2000 into a new folder and tried to load the odbc driver again. This failed with the same as above.
This points to the software settings but I cannot find out where.
Iwas wondering if anyone has had the same problem and they could point me in the right direction.
-A "master domain" AD, a "sub domain" AD, a trust relationship between the two (sub trust master) -A sql server 2005 on a win server 2003 in "sub domain" AD -A linked server to "sub domain" AD -A linked server login using a "sub domain" admin acccount -A view to this linked server -A grant on masterDomain/Domain Users to the database -A grant on subDomain/Domain Users to the database -We want all connections done through "Windows Authentication" not "Database Authentication".
Queries on the view work fine using "sub domain" user accounts. Queries on the view fail using "master domain" user accounts (including master domain admin accounts)
"Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation."
All connections are done through "Windows Authentication" not "Database Authentication".
Can we establish cross domain connectivity with "Windows Authentication" ?
Below are details of the implementation:
SELECT TOP (100) PERCENT * FROM OPENQUERY(ADSI, 'SELECT displayname, givenName, sn, cn (etc...) FROM ''LDAP://OU=PEOPLE,DC=subDomain,DC=com'' WHERE objectCategory = ''Person'' AND objectClass = ''user'' ')
In SQL Server Mngt Studio in Server Objects/Linked Servers/Providers/ ADSI properties security tab I have:
"connections will: <be made using this security context> Remote login:'subDomainAdminAccnt' With password: 'subDomainAdminAccntPassword'
Error: Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "ADsDSOObject" for linked server "ADSI" reported an error. The provider indicates that the user did not have the permission to perform the operation.
Msg 7320, Level 16, State 2, Line 1
Cannot execute the query "SELECT displayname, givenName, sn, cn
FROM 'LDAP://OU=PEOPLE,DC=subDomain,DC=com'
WHERE
objectCategory = 'Person'
AND objectClass = 'user'
" against OLE DB provider "ADsDSOObject" for linked server "ADSI".
After using ADMT to migrate the domain user or group into the root domain, when I use enterprise manager to try and change the permissions allocated to that domain user/group, i get the 'Error 15401 NT user or Group not found'.
This is a correct error as the user is now in the root domain, however sql (in sysxlogins) still thinks its in the child domain.
Is there a simpler way, other than collecting the users permissions, deleting the user from SQL then adding back in with the correct domainusername format, then adding the permissions back?
I tried renaming the 'name' in sysxlogins (not recommended) and while that worked, whenever I tried to add the migrated user to another database, the login name was missing and would not resolve.
I believe it is something to do with the SID not matching.
I currently have replication (transactional) set up within my domain successfully using 2000 and 2005. I need to start replicating to a hosting center for a web app from my server out on the DMZ. I can use SSIS and SMS to connect, update data, etc. but when I try to replicate out there it gives me the following errors:
1. Tells me it needs a named instance so I give it the hosted server name : ABC123
2. Then I get the following:
TITLE: Connect to Server ------------------------------
Failed to connect to server ABC123. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 53)
Installed sql server 2012 enterprise. Runs with the built in account fine.
I tried entering a domain account to run as the service account from sql configuration it fails with the error "the specified network password is not correct".
I tried from services.msc and entered successfully but when I try to restart it fails that the log in credentials are wrong.
the domain account and password I entered are just fine. What's it I should do or missing?
Is it possible to capture the errors which raising in System,Databases,networking using SQLServer UDB(assume DBA Database). or Is it possible to store all Errors(system,Databases,networking...Services failure...)in SQL Server UDB.
We have purchased an ERP system from a vendor which uses system DSN for all the reports. The system automatically creates DSN with Sa with SQL Server. The problem is the DSN is not working with AD users.
Active Directory server: Windows Server 2008 32 Bit.
SQL Server: Windows Server 2012 64 Bit. This server is already member of my Domain. e.g. CompDomain.com
What should I need to do in client PCs or Server to avail ODBC to AD users.
Hi! I am trying to establish connection from different domain using ODBC driver with no luck! I am able to do it within my domain from any place, but it fails from outside. I have two-ways trust established between domains. Users are able to see and use resources both ways. When I create ODBC it doesn't matter if I use SQL or Windows NT authenctication, I am getting error:
Connection Failed: SQLState: '01000' SQLServer Error: 11004 [Microsoft][ODBC SQL Server Driver][TCP/IP Sockets]Connection Open (getbyhostname()() ) Connectio Failed: SQLState: '08001' SQL Server Error: 11
I tried to set it with TCP Static Port or Dynamic. No difference. What should I look into?
We have recently upsized several Access databases to SQL 7.0. I created the ODBC datasource to an Access frontend. The tables open but I get the following error when I try to update any of the tables:
ODBC update on a linked table "tablename" failed.
Followed by:
[Microsoft][ODBC SQL Server Driver][SQL Server]The text, ntext and image data types cannot be used in the WHERE, HAVING, or ON clause except with the LIKE or IS NULL predicates [#306].
I've Got SQL 2005 installed on SBS2003. I'm trying to connect to it from XP using User/System/File DSN connections. The error it returns when I try to test the connection is 'SQL server could not be found or access is denied. The Error Codes are SQL Server Error: 2 and SQL server error: 17.
Hi All, I have a database using Access 2003 as a front end and SQL as a backend. I set up all permissions in SQL and linked all tables to the Access frontend. After putting the front end on the network for other users, they receive the following error: ODBC €” connection to <name> failed. (Error 3151) What do I need to do please
We recently upgraded to SQL 2005 from SQL 2000. We have most of our issues ironed out however about every 1 minute there is a message in the Application Event log and the SQL log that states:
EVENT ID 18456 Login Failed for the users DOMAIN/ACCOUNT [CLIENT: <local machine>]
This is a state 16 message which I thought meant that the account does not have access to the default database. The account is actually the account that the SQL services run under.
Any ideas? We can't seem to figure this one out. We actually upgraded to 2005 from 2000 and had an error appear after every reboot that prevented the SQL Agent from running(This application has failed to start because GAPI32.dll was not found. Re-installing the application may fix this problem.) We did a full uninstall of SQL and reinstalled fresh and restored the databases from .bak files and that is when the EVENT ID 18546 started occuring every minute.
We don't have any SQL heavy hitters here so please be detailed with any possible solutions. That you very much for any help you can provide!
I'm getting a ODBC timout error when i try to login to SQL server. After the initial error i try connecting again, and it works. Why is it giving me an error in the first place and then when i try reconnecting it'll work? Does anyone know. Could it be i need to update my ODBC drivers. This error all of a sudden just started happening.
As a SQL adminstrator any maintenance I perform including performing full database backups against the sql server with users connected to a certain database, causes the odbc connection to fail between the web server and the sql database. This causes all clients to experience an odbc failure. The only resolution is to reboot the webserver. There is ODBC driver incompatibilites that exist between the servers. Does anyone have any suggestions? I am in the process of a change control request to upgrade the ODBC on the production SQL server to 3.70.0623 the same as the web server but am not sure that this is the issue. Can there be something in the application itself that would be causing it to break and not reestablish the ODBC connection?
Hello, all: I am connecting to SQL Server 2000 with a trusted connection, and that is working fine. I then am issuing a SQLGetInfo call to find out the SQL_USER_NAME, which is always returning dbo instead of (my) Windows NT login name, which I expect to see. THe authentication is (apparently) confirmed by the SQL Server session monitor where it shows the right Windows NT user name logged in, over ODBC. With a standard SQL Login, untrusted, I definitely get the right user name back, not dbo.
So:
Login Type / user id /returned value from SQLGetInfo
Windows Authentication / Windows login / dbo SQL Authentication / Windows login (UID) / UID
The problem is that I am trying to confirm that the userid entered in a dialog or passed on the command line to my application matches the actual connected user name inside SQL Server....
My questions: Is there some pathology in Trusted_Connections that masks the Windows/NT login name and always returns UID 'dbo' from a call to SQLGetInfo? Is there a MSS (public) stored procedure that can robustly give back the logged in user name so I can bypass the SQLGetInfo call?
We connect via terminal services to an excel spreadsheet that has anODBC link to an access database using a pivot table, when we try torefresh the data within the excel spreadsheet we receive the followingerror "the microsoft jet database engine cannot find the input table orquery....."this works ok if the user connects to terminal services as theadministrator however if they connect as any other issue it won't workAnyone got any ideas?(have tried 2000 ts and 2003 ts)
I am the DBA for a product development company with an application currently connected to and running fine on SQL Server 2000. I have recently installed our product on 2005 sql server with compatability version of 90 and some folks have begun testing. Apparently, there are a lot of strange things happening and ODBC errors are frequent. The more they move around in the app, the more errors appear. Sometimes, they appear, sometimes they don't. The most common occurence is an error such as, x table is missing the following columns. Then the user does it again and does not receive the error. Another issues is "Application Terminating Due to Severe Database Error" and when we look at the logs our app generates:
08/10/2006 08:57:09 (01000/10054), [Microsoft][ODBC SQL Server Driver][DBNETLIB]ConnectionRead (recv()). SQLColAttributes 08/10/2006 08:57:09 Table x.TS_X is missing the following columns:
The user has database role membership db_data_read and db_data_write access to the database. MDAC version - 2.81.1117 ODBC version - 2000.85.1117
Could this be a permissions issue or possibly more of an ODBC issue? Any thoughts would be greatly appreciated
SQL2K SP2 on Win2K Server in single native-mode domain
I'm trying to change MSSQLServer and SQLServerAgent to run under a domain account instead of LocalSystem. SQL is not running on the DC. I get Error 22042:xp_SetSQLSecurity() returned error -2147023564, 'No mapping between account names and security ID's was done'.
The SQL machine is part of the domain. I'm logged in as a Domain Admin.
I need to provide a UI to get the information to add a windows login to a SqlServer database. The CREATE LOGIN Sql statment requires the user name as "DomainNameUserName". I can get a list of users in XML using the following code:
public static XmlDocument GetAllADDomainUsers(string DomainPath) { string domain; XmlDocument doc = new XmlDocument(); doc.LoadXml("<users/>"); XmlElement elem;
DirectoryEntry searchRoot;
ArrayList allUsers = new ArrayList();
if (DomainPath.Length == 0) { DirectoryEntry entryRoot = new DirectoryEntry("LDAP://RootDSE"); domain = entryRoot.Properties["defaultNamingContext"][0].ToString(); } else domain = DomainPath;
searchRoot = new DirectoryEntry("LDAP://" + domain);
This works for listing the names but how do I get the NetBIOS domain name for a selected user as required by SqlServer? I have tried using TranslateName from secur32.dll. That works on some machines but for some reason on other machines, it returns a blank. Is there another way?
I setup a new ODBC connection to MS SQL Server 2000 on Windows XP and keep getting the following errors when I try to either register a new SQL Server 2000 group within Enterprise Manager or test the new ODBC connection:
Current configuration
- MS SQL Server 2000 -Windows XP -ODBC 3.85.1117
Errors:
I. Within SQL Server 2000 Enterprise Manager
Error: SQL Server connection open
II. When I test the ODBC connection:
Microsoft SQL Server ODBC Driver Version 03.85.1117
Running connectivity tests...
Attempting connection [Microsoft][ODBC SQL Server Driver][TCP/IP Sockets]Specified SQL server not found.
TESTS FAILED!
Now here is what has me totally confused:
I can use the command line ISQL to access the database on the server and IP is all correct and port is available.
What can be the reason(s) why I can't get data from a linked server using an ODBC datasource that works fast & fine from MS Access?
I have an ODBC connection (System DSN) configured for an Informix ODBC driver. The Test button (belonging to this driver-setup) reports a successfull connection test. Getting data from this database by linking tables in MS Access works fast and easy. But I have tried for many days now to setup a linked server from SQL Server (2005) Creation goes fine, but as soon as I issue a query, (e.g. 'select * from infrem723...remotetable' or using 'openquery') I get the following error: ---
Msg 7399, Level 16, State 1, Line 1
The OLE DB provider "MSDASQL" for linked server "infrem723" reported an error. The provider did not give any information about the error.
Msg 7303, Level 16, State 1, Line 1
Cannot initialize the data source object of OLE DB provider "MSDASQL" for linked server "infrem723".
---
Why is Access able to read what "MSDASQL" cannot? I am desperate - can anybody help?Thanks a lot!
My SQL servers are using integrated windows nt security. Our user account is changing to a new domain. Is there an easy way to change the server logins to point to the new domain instead of removing the user and adding a new login from the new domain.
Im currently working on a intranet and trying to set up some security. The intranet acesses a SQL server 2000 database. I would like to know if there is a stored procedure(or other way) of returning all the domain groups that a user belongs to when passed the users NT login. I found xp_enumgroups which returns all the groups on the domain and also xp_logininfo which returns the users of a passed domain group. These are usful but i need to just pass the NT username and return all the Domain Groups. Any thoughts, ideas would be great!
My SQL Server is running as a Domain user account and it asked me to enter the password for thr Domain user account when I was changing the Startup account from Local to Domain user. My QUESTION here is: Is there a way or command for me to change the password automatically on the Services account, if I change the password for the Domain User account/.
New to SQL Server. Plan to install SQL Server 2005 standard edition on Windows 2k3. After searched a lot of places, still don't understand what exactly "domain user account" is. Could someone explain it to me? 1. Is this a OS account where SQL Server is running? 2. Or, is this an account under domain controller on other machine? Is this an account on DNS srver? How do I create it? 3. Or, is this an account in SQL Server?
Where is this account located? How do I manage it?
Is there an automatic way of changing the Domain user password getting used for running the SQL Server as a Domain user account? I'm taking about EM---Security----Domain User name and the password getting used for running the SQL Server?
Hi, I want to use a domain user account not belonging to local admin or domain admin groups in SQL 2000/2005 Enterprise edition. This is what I've done so far.. On the machine that is the Domain Controller: - installed SQL 2005 as a domain admin
- created a domain user account using Active Directory Users and Computers. This user is only
"Member of" domain users; not any Administrators group.
- added this user to SQL Server Management Studio->Logins and in Server Roles assigned
sysadmin role. Question 1: Do I need to give any additional permissions to this user to work with SQL? Question 2: How can I test this user for basic SQL operations like database creation? Can I use Osql? Question 3: Can I use this user account to login to my domain controller using remote desktop? I tried adding this user to remote users, but in vain.
Hi, I'm new in MS SQL Server; comming from Firebird and PostgreSQL. I'm trying to import the SQL Script of a database I have in PostgreSQL 8; one basic SQL functionality is the "domain", as the way to create a user datatype; in my database I have one basic domain: OID:
CREATE DOMAIN dom_oid AS numeric(18,0) DEFAULT nextval('oid_secuence');
Is there a similar way to create this kind of types in SQL Server?
I have read the posts concerning login failures for the ASPNET user. I have a slightly different problem, as you can see from the title of this post.
My environment is a private domain that has two machines:
1) Windows 2000 server on which SQL Server is running. Let's call it FOO_SERVER.
2) Windows XP Professional on which I am running my IIS and .NET development environment. Let's call it FOO_WORK.
3) Let's call the domain, FOO_DOMAIN.
The user, ASPNET, is not a domain user, but a local user, so I do not know how to establish it as a valid login for SQL Server. But this is beside the point, anyway, as the error I am getting has nothing to do with the ASPNET user. It appears that a different username is being used to access SQL Server.
I've been trying to workout how, without impersonation, I can allow an application running under the default ASPNET user to access a network resource (SQL Server/ADAM) not on the same physical machine.
It seems that because the ASPNET user is a local user not a domain user I can't setup windows authentication on the network resource. That seems to leave impersonation which MS et al say is unwise.
Is there a way to change a logins based on domain users, we just changed domains so all the domainlogin logins are not working anymore. Do I have to reapply every security on every database object? There has to be a fix for this, its a common thing.
Any help is greatly appreciated, everything i googled applied to SQL Server 2000 and system tables that dont exist in 2005
Hello,My server is part of a W2K domain. What do you advice me as account torun my SQL*Server, service started with a domain user account or aslocal system ?I need advices from a security point of view.Thank's in advance