I have a SQL Server 2008 installed on Windows Server.
The problem I am facing is when I create a new user in windows, and then add that user in SQL Server Logins [Domain\Username] with Windows authentication, and give access to one database [inventory].
When the user logs in into SSMS, and when s/he expands the object explorer, he get an error message:
The server principal "Domain\User" is not able to access the database "Payments" under the current security context.
(Microsoft SQL Server, Error: 916)
If I give access to the Payments database, the user is able to see the database list in the object browser.
I do not want to give access to the Payments database.
Please help.
Mansoor
Related
We have a service account that we use to store the credentials on our report server to connect to our SQL DB. We have had no issues with this. It connects fine. However, there is a SSAS cube on the same server as the DB. We try to connect to the cube with the same service account. This has been unsuccessful. The account is an admin on the cube. It is not assigned to any other role. The error I am getting is
An error has occurred during report processing. (rsProcessingAborted)
- Cannot impersonate user for data source 'Cube'.
(rsErrorImpersonatingUser)
- Log on failed. (rsLogonFailed)
It mentions to check username/password but I know they are right. Is connecting to a cube somehow different from connecting to a DB?
Thanks
I'm not sure of the technical details but we connect to our cubes differently that the SQL Server DBs.
We use service accounts and passwords to connect to SQL DBs but for our cubes, we Use Windows Authentication for credentials. Not sure what the rhyme or reason is but that's how we got it to work.
I have deployed a SSRS report for the user.But while accessing the report from the report server user is getting the below error
But I and some of the users are able to access the same report,Please suggest me.Do i need to add him in any Security
Thanks in Advance
The user that is connecting to the report needs to have access to the database that the data source is. You can use stored credentials if the level of database access is not as important.
You can also instead add them to a user group that has certain read access to the database instead of giving them direct access etc.
This depends mainly on the security you need in the database.
Below you can see how to setup a report server connection:
Report Server Connection
I deployed my report to the report server. This report has some DB connection which uses Windows Authentication.
When I run the report from the same server works fine, but when I try this from a remote sever I errors saying EXECUTE permission denied on the stored procedure.
The EXECUTE permission was denied on the object 'sp_xxx', database
'DB', schema 'dbo'.
I did further analysis and found that when the report try to connect to the DB is uses NT AUTHORITY\ANONYMOUS LOGON login.
And the report server is running under NT Authority\NetworkServices.
p.s: Also the remote server and the report server is in the same domain.
What am I doing wrong which is not passing my Windows authentication?
Please help...
If you have access to the server you should define a ReportUser user that has access to ssrs and mssql since you are using windows auth. When you deploy, the dataset credentials should be set to the same user above. This would be akin to going into ssrs and setting the configuration of the dataset of the report to a known user account with sufficient privileges to run the report and query the database.
I'll try to walk you through, I hope I haven't forgot something
Can you connect to your server remotely using management studio and your admin credentials? (Check TCP/IP is enabled under SQL Server configuration manager)
Have you assigned enough permissions to the security role? have you assigned the user to the role?(check this out - Grant execute permission for a user on all stored procedures in database?)
Can you successfully connect with your data source? (Check username and password are working)
I installed a company specific program which can connect to a SQL Server. I installed SQL Server 2008 Express with mixed authentication. I called the instance SQLExpress.
What I want to do is to create a new database via the program. (see image). In point 5 I tried many logins like sa-login, MyComputerName\User-Password, User-Pass, but nothing works. In point 6 I used for the server name SQLExpress or MyComputerName\SQLExpress and for the (new) database name I used MyDB, but same thing here. Can't connect.
It keeps saying:
cannot create database master.MyDB. SQL Server doesn't exist or access denied.
Can anyone help me please?
Image: http://imageshack.us/photo/my-images/248/sqlserverinfo.png/
Thx
I figured it out.
I've created a user in SQL Server and added him to the "sysadmin"
role and gave him access to the "master" database.
After that I added an inbound rule (allow port 1433) to my Windows Firewall to allow remote connections to the SQL Server.
See http://msdn.microsoft.com/en-us/library/ms175043.aspx
I'm trying to get a classic ASP application to connect to a local SQL Server 2008 database. The app and database were built by someone else. I'm just trying to get them installed and running on my machine (Windows 7).
I'm getting the following error when when the ASP app tries to connect to the database:
Could not connect to database:
Error Number: -2147467259
Error Message: [ConnectionOpen (Connect()).] does not exist or access denied.
I don't see any messages in the Windows Event Viewer. I'm looking at: Event Viewer->Windows Logs->Application.
It's a fresh database install using a simple restore. The SQL Server install uses the default instance. SQL Server and Windows authentication are both allowed. I left the existing connection string (in the ASP code) in tact and just tried adding that to my SQL Server installation. Here's the connection string:
strConn = "PROVIDER=SQLOLEDB;SERVER=localhost;UID=TheUser;PWD=ThePassword;DATABASE=TheDatabase;"
To add that user to SQL Server, I went to Security/Logins in SSMS and added the user and the password. I selected the database in question as the Default database. I thought that might do the trick, but it didn't. Then, I went into TheDatabase, then went into Security there. I added a new user there, referencing the new user I had already added in server Security. Under Owned Schemas, I clicked db_owner and under Role Members I checked db_accessadmin and db_owner. None of this gave the ASP application access to the database. The sid values match in sys.database_principals and sys.server_principals for the login in question. I am able to login to SSMS using this login.
The app needs to execute selects against the database like this:
oConn.Execute('select * from someTable')
I'm not a DBA and am sort of grasping at straws here. How do I get this thing connected?
Thanks,
Jay
It occurred to me that SQL Server or the website in IIS might be running as users with the wrong permissions. Based on what I read, it's okay for SQL Server to be running as Local System, so I left that alone.
In IIS, my website was using "Application user (pass-through authentication)". This is set in the Basic Settings->Connect As ("Edit Site" dialog box). When I clicked "Test Settings...", next to Authorization it said "Cannot verify access to path (c:\mywebsitepath)." I increased access permissions on that directory, but that didn't help. In the "Connect As" dialog box, I then changed "Path credentials" to use "Specific user" instead of "Application user (pass-through authentication)". I set it to use the user that I log in to my machine as. After that, when I click the "Test Settings..." button, next to "Authorization" it says "Path is accessible (c:\mywebsitepath)." After that, the ASP website is able to connect to SQL Server just fine.
Since the connection string was using a specific SQL Server username and password, I'm not exactly sure why this fixed the problem, but it seems to have.