What does the "[dbo]." mean in the following sql script stmts?
use [IBuyAdventure]
GO
if exists (select * from dbo.sysobjects where
id = object_id(N'[dbo].[Accounts]')
and OBJECTPROPERTY(id,N'IsUserTable') = 1)
drop table [dbo].[Accounts]
GO
and if you please, what does the "N" in N'IsUserTable' mean?
I cannot get a consistent answer as to how many domain accounts would be suggested in a SQL Server 2014 installation. Previously the recommendation was a separate account for each service to provide isolation and minimum permissions for each account. It seems from what I've read that a single domain account would have something added to make it unique from SQL Server's perspective. Several still advocate multiple accounts. I don't know if they are doing so because that's the way it's always been done or if there is still some compelling reason to do so. I don't want to create unnecessary accounts simply because something is "ideal."
I am setting up Replication and have a question about what's considered best practice for the accounts that will be running the replication agents. Microsoft says, "Run each replication agent under a different Windows account, and use Windows Authentication for all replication agent connections." What they don't say is whether these accounts are local accounts or domain accounts.
Which should I use/create, domain accounts or local accounts?
We have a SQL2005 Standard setup with mirror and witness
I create a Database in the Principle, create a SQLLogon account and give it permission to the database. All works.
I then fail the databse over to SQL2 and the database is there, it has the SQLAccount I create at the database level, but a logon does not work. I notice there is not login account at the database level and If I attempt to create one, I am told there is one already. I try to assign permission to that account for the database and it again replys that there is already on.
Is this refered to as an orphaned logon?
I was a post on Moving logins from on server to another, is that what I must do?
Is it possible to have a different account for the accoutn that starts the MSSQLServer service and the account tied to the Mail profile on the server?
We had created an account to start the SQLServer but we are in a network where we have a 1 way trust with another domain, we trust them but they dont trust us, and our exchange is on their domain.
WE currently use Windows authentication so our account used to start SQL Server would not be trusted by exchange.
Our thoughts on a solution were to have them create a service account that we would have access to the mailbox and would also start the SQL Server but thats it.
I was just wondering if anyone else had any other suggestions.
Hi Everyone. I have 150 SQL servers (2000 MSDE). They all run using various domain accounts as their service logins. Is there an automated way to find out those service logins? Maybe a query I could run on each server? I really do not want to go to each of those 150 servers and look at their properties manualy! :S Any help would be greatly appreciated! Thank you.
ACCT_MASTER HISTORY Dates Gl_ACCOUNT yearGL_NUMBER Perid 12345-00 201312345-00-20131304 67890-00 201067890-00-20101305 54321-08 201354321-00-20131304 . . Total of 3640 accounts
I can't figure out how to display all 3640 accounts. If there is no match in HISTORY table for this period display 0 for the calculations but display Gl_ACCOUNT + year.
12345-00-2013 67890-00-2010 0 54321-00-2013
All 3640 rows here
My code shows only 3469 records.
select M.GL_ACCOUNT +'-'+ isnull(policy_year, '0000')NewGL, isNull (SUM(PRIOR_VDIFFPRIOR), 0)as [PriorEndOfMont], ISNULL(sum(CURR_VDIFFPRIOR),0) as [CurrentEndOfmonth] , isnull (SUM (PRIOR_VDIFFPRIOR),0) - isnull (sum(CURR_VDIFFPRIOR),0) as Difference from GL_ACCT_MASTER m left outer join SUMMARY s on M.GL_ACCOUNT +'-'+ isnull(policy_year, '0000') = s.GL_NUMBER group by GL_NUMBER,M.GL_ACCOUNT +'-'+ isnull(policy_year, '0000')order by GL_NUMBER,M.GL_ACCOUNT +'-'+ isnull(policy_year, '0000')
I have a SQL2005 in a cluster environment, for some reason the only way that user accounts can login to either the database or SSMS is to grant them the SysAdmin role. This access is a little to high for my liking and am wondering if anyone else has come across this before.
I don't understand why this subquery doesn't work. If I replace the subquery with a View it works. I am trying to determine the number of "active accounts" in a group of transactions during December. What am I missing?
SELECT salesrun_id, Count(account_id) FROM (SELECT salesrun_id, account_id FROM Trades t WHERE t.date > '2007-12-01' GROUP BY t.salesrun_id, t.account_id)
Msg 102, Level 15, State 1, Line 4 Incorrect syntax near ')'.
I've just been looking at a new 2005 install and found 3 logins:SERV1SQLServer2005SQLAgentUser$SERV1$MSSQLSERVERSERV1SQLServer2005MSSQLUser$SERV1$MSSQLSERVERSERV1SQLServer2005MSFTEUser$SERV1$MSSQLSERVERAre these logins created during the install of SQLServer2005 by defaultand what are they used for ? Can they be deleted safely ? If they arerequired, can the names be set during install to something else ?TIALaurence Breeze
Seems only a few of us are experimenting with WSS 3.0 and RSS 2005 (requires sp2 ctp). I've gotten just so far after battling several installation problems. Only Brian Welcker and Spyuta (sp?) have been active here or on their blogs about this. While the instructions are good at the RSS addin for sharepoint page, http://download.microsoft.com/download/f/2/5/f250ed72-c102-4216-8653-63189e24fa02/readme_rsaddin.htm, there are some notable word mismatches. Under the section "Install the Reporting Services Add-in and Configure the Report Server on the SharePoint Technology Instance" they refer to granting accounts access to the database, which is labelled, 'add trusted accounts'.
This is as far as I can go because within that step there is a dialog prompting for credentials and no matter what I use, domain, local, whatever, the page displays a warning in red above the server name that says 'Some or all identity references could not be translated' And so it seems that is where I'm stuck.
If I change the server name in the page to an IP number, then I get this warning instead:
Report Server is not running on the same machine as SharePoint and Report Server is configured to run as a machine account. This is not a supported configuration in CTP2
Both of these assumptions are untrue. My report server is running side by side, and I have changed the port number in the rsconfig file. I try using the port number along with the ip number or machine name, but then I just get:
A connection to the computer cannot be established
Banging my head on this long enough, I now go back to the 'Integration setttings' page and change the authentication mode from Windows authentication to Trusted account. Now I redo the 'Add trusted account' page and it seems to go through without an issue. (whoa, I just ignored the directions and did the opposite)
I check the domain account used as service account for all of the above and I see it has been granted dbo and RSExecRole for the WSS/RS integrated database.
Now I can move ahead and actually see how the RSS integration with WSS 3.0 works. Of particular interest is deploying already created reports that I had appearing in the report manager web app before creating the integrated RSS database.
Please could someone let me know what the minimum Server and Database roles are for an Account to use SMO to create further accounts, using SQLSever accounts and not Windows authentication.
I'm finding it hard to find the right documentation.... Could someone give me a link into SQ Server Books 2005 (Express) online, that explains SQL Server security from the ground up. ie What all the roles are for etc.
From many web pages it is suggested to use windows accounts for merge replication and then using the same in SQL login also.
If there are 1000 users , should we create 1000 different WindowsSql logins manually? Or is it fesible to use one common windows/sql account for all the 1000 users in security and integrity point of view?
Trying to install Backup Exec 12 which comes bundled with SQL Server 2005 Express. OS is a clean install of Swedish Windows Server 2003 Std R2, fully patched.
SQL fails to install, and the following is in the SQL summary-log:
Product : Microsoft SQL Server 2005 Express Edition Product Version : 9.2.3042.00 Install : Failed Log File : C:ProgramMicrosoft SQL Server90Setup BootstrapLOGFilesSQLSetup0002_VAXSRV02_SQL.log Last Action : Validate_ServiceAccounts Error String : SQL Server Setup could not validate the service accounts. Either the service accounts have not been provided for all of the services being installed, or the specified username or password is incorrect. For each service, specify a valid username, password, and domain, or specify a built-in system account. The logon account cannot be validated for the service SQL Server. Error Number : 28075
Since the installation of SQL is bundled with the Backup Exec installation, there is no(?) possibility for me to specify usernames for the different services. The Backup Exec installation is initiated under the Domain Admin's login.
I suspect the problem occurs because of the OS not being English, but I am not sure. Have installed earlier versions of Backup Exec with SQL Server 2005 Express, on Swedish Windows Server 2003, before without issues. No help at Veritas/Symantec's homepage.
How do I create an indented chart of accounts style report in SRS?
I have a single Accoutns table with the account entries and a reference to the parent account. Is there a simple way to have it go down all the levels and assign the correct level?
We would like to publish reports on the Internet. My understanding is there are three parts. 1. SQL Server Database 2. Reports Services 3. Reports Manager The SQL Server with the databases is on our LAN and is a member of our Active Directory Domain. Report Services and Report Manager are on a server in our DMZ that is not a member of the Domain. Will this work? How do I authenticate the RS/RM to SQL? Should Report Services be on a server in the domain with the SQL server and report manager be on another server in the DMZ and not a member of the domain? I have seen a lot of information about SQL RS and RM but nothing about what servers need to be a member of a Domain.
We are in the mist of a SQL project that also includes tighting the locking down of our SQL Servers. We generally remove certain accounts from security such as Built-inAdministrators. On SQL 2000, this is pretty straight forward. However SQL 2005 adds a few new accounts that we must take into account.
Once we load SQL 2005, NT AUTHORITYNETWORK SERVICE, NT AUTHORITYSYSTEM, <servername>SQLServer2005MSFTEUSER$<servername>$<instancename> now appears. Althought they are not in any obvious server roles or has access to any databases. I also noticed these accounts are denied permissions to connect to the database engine althought the login is enabled.
In addition, there are a number of Local Windows groups that were added. There are additional groups added for the purpose of taking advantage of certain SQL Features (full text, intergration service, etc).
The question is what is the harm in removing these accounts from SQL? From Windows? Although we are not using these services now, I installed them when I setup the server. Will removing these services also remove these account?
Hello, I'm having a problem using Windows Accounts to login to a SQL 2005 Server. Here is my setup. The SQL server and web server are separate machines. I'm also not developing directly on the web server. SQL Server - Windows 2003 Server- SQL 2005- Set to use SQL and Windows AuthenticationWeb Server- Windows 2003 Server- IIS 6.0 - Anonymous Authentication is disabled - Integrated Windows Authentication is enabledApplication web.config: <?xml version="1.0"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"><appSettings> <add key="ETR_Environment" value="Dev"/></appSettings> <connectionStrings> <add connectionString="Data Source=sql-dev-server, 1179;Initial Catalog=ENV_ETR;Integrated Security=SSPI;" name="ETR_Dev"/> <add connectionString="" name="ETR_Prod"/></connectionStrings> <system.web> <compilation debug="true" strict="false" explicit="true"/> <pages> <namespaces> <clear/> <add namespace="System"/> <add namespace="System.Collections"/> <add namespace="System.Collections.Specialized"/> <add namespace="System.Configuration"/> <add namespace="System.Text"/> <add namespace="System.Text.RegularExpressions"/> <add namespace="System.Web"/> <add namespace="System.Web.Caching"/> <add namespace="System.Web.SessionState"/> <add namespace="System.Web.Security"/> <add namespace="System.Web.Profile"/> <add namespace="System.Web.UI"/> <add namespace="System.Web.UI.WebControls"/> <add namespace="System.Web.UI.WebControls.WebParts"/> <add namespace="System.Web.UI.HtmlControls"/> </namespaces> </pages> <authentication mode="Windows"></authentication> <customErrors mode="Off"></customErrors> <authorization> <allow users="XXXWilliam.Klein"/> <deny users="*"/> </authorization></system.web></configuration> The reason why I want to use the windows login to connect to the database is the application needs to keep track of who did what when entering and updating data but still keep them using there windows login accounts. So using a generic account will not work. What keeps happening is I keep getting this error: Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. When trying to connect the database. I've tried this on two web servers on another I get something slightly different: Login failed for user 'XXXWeb-Server$'. Anybody able to give me any suggestions on how to fix this?
Hi, I hope this is in the correct category. I have two .mdf files. aspnetdb.mdf and emotiveonline.mdf. My host provider can only give me one database in sql server express 2005. Now I am no genius when it comes to programming and that kind of stuff but those two mdf files would be seen as 2 databases right? What I would like to know is that if I can but everything into one mdf file and how would i go about doing that. My website is almost finished and just thought about this now. Would like to do the changes as soon as possible so that I won't sit with a humongous problem later on. Thank you in advance. Kind regards,Ruan Rossouw
I am copying a database to an alternate server by restoring a full backup onto the new server. However, whether I create the logins prior to the restoration or not the user accounts in the database no longer map to logins in the master.
Unfortunately it is not simply a case of dropping the acounts as they own objects in the database.
My best solution to date has been to use the sp_addalias to alias logins of the same name to the original user. However this is a far from ideal situation as one cannot readily tell that the logins are aliased and there must be an additional overhead in doing this.
I'm trying to make the select query attached neater by removing the list of accounts and simply providing a range. For the life of me, I can't seem to figure out how to do it. So hopefully one of you can help me out with this.
I have three tables Accounts, History and Dates . What I need to do is display all the accounts from History (900) records and compare them to the accounts in Accounts table pull all the matching records based on a certain date range , but If there is no record in the History table for this period I still need to display the account from Accounts and some text saying that there is no record matching for this period.
Account History 11 22 33 4NO information for this month 55 SELECT C.ACCOUNT, CASE WHEN C.ACCOUNT = LEFT(H.NUMBER,8) THEN LEFT(H.NUMBER,8) END FROM ACCTS C LEFT OUTER JOIN HISTORY H ON C.ACCOUNT = LEFT(H.NUMBER,8) INNER JOIN DATES D ON h.PERIOD = D.CUR_PERIOD GROUP BY C.ACCOUNT, H.NUMBER
This will give me all the matching records for the period but I need somehow to show all the accounts even if they don't have records for this period.
We are about to change the sa password, currently all packages and jobs rely on this account. I imagine there is probably a better architecture that we could employ to ease this process. Any suggestions recommendations?
Also any caveats I should be aware of regarding places to look that might currently rely on the sa account so that we do not need to worry about existing processes from breaking?
I think we are going to create an NT account for DTS Packages and possibly use the same account for any DTSRun jobs, does this make sense? Or is there anything to gain by having these as separate accounts? Also should this be the same account used to run the MSSQLServer process?
I tried doing a search for this information here, thinking it was already covered, but could not find anything that informative, any resources that you could point me to would be appreciated, I will look on BOL as well as MSFT to see what I can dig up.
I have four tables (all inner joined) and currently they give me the results i need. However, my boss has now asked me to return all associated accounts as well.
I am currently pulling data from the four tables to make up my results table, and the returned results are based on the loan types in my loans tables having a loan type of '1A'
So if the loan type is 1A I get a result.
However, Mr Smith (for example) may have three loans but only one of them is type '1A'. The other two might be type '5H' and '2'.
What I need to be able to do is return all the associated accounts of any customer that has a type '1A' loan.
This is my code:
Select c.customernumber, l.accountsuffix, c.forename, c.surname, lt.code, l.balance, j.journeynumber from customers c inner join loanagreements l on c.customerid = l.customerid inner join loantypes lt on l.loantypeid = lt.loantypeid inner join journeys j on c.journeyid = j.journeyid Where j.journeynumber = 93 and lt.code = '1a' and l.balance >0