I have searched up and down for a solution and cannot find anything that helps. Everything that I have tried doesnt seem to work.
I have two database. I cannot modify Database A by adding a table or anything like that. I cannot enable cross-database access. I believe I cant use sp.Start_job because I need to pass parameters. I was able to enable xp_cmdshell.
My Database Definition:
Database A
- Order table
Database B
- Email notification Table
What I need to do:
Any time an order is entered into Database A, I need to enter a row into Database B with values of the order. So I need to have parameters
What I have tried:
- xp_cmdshell #query='DTEXEC /f "\\Server\Folder\SSIS Packages\Order confirmations\Order confirmations\Package.dtsx" /DECRYPT password'
1. I get an error saying access denied. I tried setting up sp_xp_cmdshell_proxy_account (##xp_cmdshell_proxy_account##) to an account that has access to the network drive where the file is stored, no luck.
2. whoami.exe shows NT/Authority \System instead of my proxy account.
3. GRANT EXECUTE on xp_cmdshell to [mydomain\myAccount] didnt have any affect.
Whoami Results
xp_cmdshell Results
Any suggestions? The job runs fine if I set it up with SQL Server Agent. Eventually I will just call xp_cmdshell from a trigger on Database A table Orders to enter the data into Database B and then fire off an email with sp_send_dbmail if some conditions are met.
The only way that I could currently find (Without resturcturing permissions in SQL and the network was to give read/execute permission to SQL server. Not my ideal solution, but it works.
Hope this helps someone
Related
I need to keep track of every select,update,delete and insert of a certain mysql user.
I have try this solution .
I can see on localhost the general_log table that contains all the queries created by a mysql user. Anyway i have tried this solution on a shared machine and i obtain this message:
SELECT command denied to user for table 'general_log'
So my question is, there is a common (and compatible) behaviour to create a complete queries log in a web application ?
I have 2 table, one is local named 'Client' and other is a linked table to MySQL DB in my web-server named 'ClientSql'.
When I insert data into the table Client, I want it to be insert into clientSql too. I try it with data macro (after insert), but it shows me an error saying
It's not possible in linked tables.
I have tried to create an append query successfully, and it works, but it just works if I execute it manually. My question is:
Is it possible to call it from a data macro? if is possible, can you show me how? If not, can you point me to a solution?
I'm not sure why you should be able to do it manually, but not via a macro. According to this link
http://dev.mysql.com/doc/connector-odbc/en/connector-odbc-examples-tools-with-access-linked-tables.html
you should be able to do it either way.
Another thought is to eliminate the local access client table and have the access program update the mySql table directly. However, if another program is accessing the client table at the same time, this could become tricky due to multi-user and locking situations.
I am getting the following error
Cannot execute as the database principal because the principal "dbo"
does not exist, this type of principal cannot be impersonated,
or you do not have permission.
I read about ALTER AUTHORIZATION, but I have no idea what database this is happening in. This error is getting spit out very frequently, and grows the error log by about 1GB every day.
I resolved this issue by setting database owner. My database did not have had any owner before this issue. Execute this command in your database to set owner to sysadmin account:
use [YourDatabaseName] EXEC sp_changedbowner 'sa'
Do Graphically.
Database right click-->properties-->files-->select database owner-->select [sa]-- ok
USE [<dbname>]
GO
sp_changedbowner '<user>' -- you can use 'sa' as a quick fix in databases with SQL authentication
KB913423 - You cannot run a statement or a module that includes the EXECUTE AS clause after you restore a database in SQL Server 2005
After restoring a Database from SQL2016 to SQL2019, I had the same issue when I try to access Database Diagrams. I had the correct Database owner already but owner of Files was empty. Once I set that, it worked properly...
This may also happen when the database is a restore from a different SQL server or instance. In that case, the security principal 'dbo' in the database is not the same as the security principal on the SQL server on which the db was restored.
Don't ask me how I know this...
another way of doing it
ALTER AUTHORIZATION
ON DATABASE::[DatabaseName]
TO [A Suitable Login];
Selected answer and some others are all good. I just want give a more SQL pure explanation. It comes to same solution that there is no (valid) database owner.
Database owner account dbo which is mentioned in error is always created with database. So it seems strange that it doesn't exist but you can check with two selects (or one but let's keep it simple).
SELECT [name],[sid]
FROM [DB_NAME].[sys].[database_principals]
WHERE [name] = 'dbo'
which shows SID of dbo user in DB_NAME database and
SELECT [name],[sid]
FROM [sys].[syslogins]
to show all logins (and their SIDs) for this SQL server instance. Notice it didn't write any db_name prefix, that's because every database has same information in that view.
So in case of error above there will not be login with SID that is assigned to database dbo user.
As explained above that usually happens when restoring database from another computer (where database and dbo user were created by different login). And you can fix it by changing ownership to existing login.
Under Security, add the principal as a "SQL user without login", make it own the schema with the same name as the principal and then in Membership make it db_owner.
Also had this error when accidentally fed a database connection string to the readonly mirror - not the primary database in a HA setup.
As the message said, you should set permission as owner to your user. So you can use following:
ALTER AUTHORIZATION
ON DATABASE::[YourDBName]
TO [UserLogin];
Hope helpful!
Leave comment if it's ok for you.
In my case I got this error when trying to impersonate as another user. E.g.
EXEC AS USER = 'dbo';
And as the database was imported from another environment, some of its users did not match the SQL Server logins.
You can check if you have the same problem by running the (deprecated) sp_change_users_login (in "Report" mode), or use the following query:
select p.name,p.sid "sid in DB", (select serp.sid from sys.server_principals serp where serp.name = p.name) "sid in server"
from sys.database_principals p
where p.type in ('G','S','U')
and p.authentication_type = 1
and p.sid not in (select sid from sys.server_principals)
If in that list shows the user you are trying to impersonate, then you probably can fix it by assigning the DB user to the proper login in your server. For instance:
ALTER USER dbo WITH LOGIN = dbo;
Go to the Properties - Files.
The owner name must be blank. Just put "sa" in the user name and the issue will be resolved.
I have a SQL Server 2008 database with 10 windows users who all have permissions to Insert, Update and Delete tables. Each table has a trigger that writes to an audit table in a different database.
Currently for this to work I have to give the user write permissions to the audit database as well, otherwise the trigger will throw an error.
I could give Insert permission only for each individual user, but I was hoping that there might be a more elegant solution for this problem. Especially from a standpoint that users get deleted/added which would mean setting them up in two databases rather than one.
Ideally I would like to use one account that does all the audit work.
When you create a trigger you have the option to specify credentials: see "Execute As" (http://msdn.microsoft.com/en-us/library/ms189799.aspx and http://msdn.microsoft.com/en-us/library/ms188354.aspx).
I have an issue with SQL replication that I am having trouble fixing. What I am doing is restoring two DBs from a production backup, and then installing replication between them. The replication seems to be configured without any errors, but when I look at the status I see error messages like this:
Error messages:
The process could not execute
'sp_replcmds' on 'MYSERVER1'. Get
help: http://help/MSSQL_REPL20011
Cannot execute as the database
principal because the principal "dbo"
does not exist, this type of principal
cannot be impersonated, or you do not
have permission. (Source: MSSQLServer,
Error number: 15517) Get help:
http://help/15517
The process could not execute 'sp_replcmds' on 'MYSERVER1'.
Get help: http://help/MSSQL_REPL22037
What does this mean?
When I had this problem, my database didn't have an owner set properly. I had restored a database from another windows domain, right clicked the database -> properties and verified in the "general" tab that the owner was set correctly. However, in the "files" tab, owner was not set at all. As soon as I set it, replication was running without problems.
'dbo' maps to a login that is invalid. If you run select suser_sname(owner_sid) from sys.databases, you probaly get NULL for those two DBs. You need to change 'dbo' to a valid login. Run, on both databases:
ALTER AUTHORIZATION ON DATABASE::[<dbname>] TO [sa]
The easiest way to correct the error is to use ALTER AUTHORIZATION on the databases which have the NULL login match for dbo.
I found that if you use article filters, you must use a unique filter name. Once I changed the filter name to be unique across all articles, it fixed this issue.
In our case the service account that the SQL instance was running on got locked. Once unlocked and we stopped/restarted the LogReader SQL agent jobs then things started flowing again.