I have a problem with web replication. I Have a SQL Server with a publication for merge and 1 WEB IIS Server where is installed replisapi.dll. both servers on same domain on same LAN
When I try to diagnose the replisapi.dll it give me access denied error.
https://MYWEBSERVER/SQLReplication/replisapi.dll?diag
after ask me the credential it give me this error
Access Denied because of no WebSyncDiagAccess.
can you help me? thanks
There are two places you need to check.
Check application pool if it enables 32-bit applications. Enable it.
Then check application pool identity. Use administrator or local system. Other identity may not have enough permission to replisapi.dll.
Related
I am trying to backup my sql server 2005 database using the query
backup database marksheet to disk='e:\backup\marksheet.bak'
when i execute the query it shows the following error
cannot open backup device 'e:\backup\marksheet.bak' operating system
error 5(access is denied)
I am using windows xp
please help me..
The account running the SQL Server service does not have access to that folder.
It doesn't matter if you have access to that folder.
You need to check the security permissions on the folder you are trying to backup to. Make sure the service account (Network Service) has write permissions. It may well not do.
SQL on changing the service account changes the permissions on the critical drives it knows about but won't do it for all the drives in a server.
Try adding the domain account that runs all SQL Services to the security of "e:\backup\".
I was supposed to set up a localhost for a user. But it turned out that the website is on an SQL server and not MySQL.
I installed wamp and the website runs fine. But wherever there is a database connection, it tries to connect to the remote server, which doesn't give access. I have some visual studio and configuration files and what not. And I am clueless about what to do.
The website on the localhost tries to connect to the remote server, but i get this message:
"Could not connect. Array ([0] = ... Login failed for user '####'... cannot open server '########' requested by client. client with ##### IP is not allowed to access this server. To enable access, use the SQL Azure Portal or run sp_set_firewall_rule on master database..
I also have this bit of code in the connection file, that i think shows that the database is hosted on this website:
$srver = "http://########.cloudapp.net/";
Any help will be appreciated!
When you configure SQL Azure, you can specify what the allowed IP addresses are. As the error message indicates, the requesting IP is not authorized to access that database.
How to: Configure the SQL Azure Firewall
SQL Azure Firewall
I'm trying to migrate a legacy application we have to Windows Server 2008 x64 and IIS7. It's written in Classic ASP and connects to a SQL Server 2005 database.
However, when the page runs, I receive the error:
[Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
The connection string I'm using is: Driver=SQL Server; Server=SERVERNAME; Initial Catalog=DBNAME;
I can't see any reason for it to be using the anonymous logon as when it was running on my 32-bit Win2k3 server, it accessed the SQL Server using DOMAINNAME\SERVERNAME$.
I have the following settings.
SQL Server 2005 - running in mixed mode.
IIS7 Application Pool - Allow 32-bit applications set to True.
I've also added the server as a user on the SQL Server.
I've tried a few things now and I'm starting to run out of ideas.
There are some solutions.
use SQL authentication, instead of SSPI. It will work since your database is in mixed mode.
If for any reasons you won't change the authentication.
The NT AUTHORITY\ANONYMOUS LOGON is strange, by the way, just as if the database server and the app servers are not on the same domain. Please check this until proeding further.
1) Create an user in Active Directory
2) Create a application pool on IIS7 and as "Identity" , the user you've created
3) Grant this user the rights and roles you want on the DB
I think I've fixed it. Moving to Win2k8 means that I needed to change the connection string driver to SQL Native Client;.
Set the Anonymous Authentication credentials to be your Application Pool Identity.
(default is Specific User --> IIS User). Then you can use a Trusted Connection in your connection string as it will now use the AppPoolIdentity account.
Well, that failed login attempt is a classic example of code running under the "Local Service" account, rather than (what you had on Win2K3), where it was running under the "Network Service" account. Now you just need to find where that setting is.
For either the OP or future readers, you can:
1) Either use a dedicated service account, as suggested by Johan above, or
2) Use the AppPoolIdentity account and go to "Authentication", then select "Windows Authentication" and enable "ASP .NET Impersonation".
If you still get the same result after #2, you likely have the "double hop" issue cited by Damien - this is where the web server can authenticate you, but it does not allow you to pass those credentials on to the database for security reasons without using Kerberos. You would then need to set the server as "Trusted for Delegation" in AD and set up Kerberos as the authentication provider in IIS. This site helps with that: http://technet.microsoft.com/en-us/library/ee675779.aspx
I am trying to host a WCF service in IIS 6.0 on server 2003. And when I
browse to the server I get the following error.
SecurityException: Request for the permission of type
'System.Net.DnsPermission
Is this related to the permissions granted to the user account the app
pool is running under or some other problem, and how do I fix this.
This might be related to the settings for local Intranet. I am assuming that you are browsing from your PC to the server. Try this:
Connect to the server via Remote desktop (or just use the server console), then browse the service and see if you get the same error.
If you do not get an error:
On your PC add the address of the server to local intranett, then try and browse the service again.
Good luck
Shiraz
To answer the replies.
Yes that was the entire error message Terry. It didn't appear to be a WCF issue but a security configuration problem on the web server that wasn't allowing DNS Permission as required by WCF.
The problem was resolved by uninstalling SharePoint services on that server where the WCF service was being hosted. Not sure still, why SharePoint would change the security permissions.
I am trying to replicate a database from SQL server 2000 to 2005 they are located on two different servers both running Windows Server 2003 R2. Im am using SERVER1(SQL2000) as the Transactional publisher and distributor and SERVER2(SQL2005) is the subscriber. I can set up the publication and subscription but when I try to syncronize them I get the following error:
SERVER1-TestReplication-TestReplication-IBSCNVII-ReplicationCNVII_2-99956FE2-402A-48D5-B801-2CBADF12BD3E has server access (reason: Could not obtain information about Windows NT group/user '', error code 0x5. [SQLSTATE 42000] (Error 15404)).
Do I need to add my domain user to a certain user group on server? Any ideas?
0x5 means "access denied" and that you're not allowed to query active directory user information. Likely, the sql server service account does not have proper domain privileges to perform look ups in AD. This could be caused by an account password simply being expired and therefore not enabling SQL to validate against AD or some other issue like services running as local system and not a domain account.
I would recommend confirming that both SQL servers are using a valid domain account and not something like local system. Then check that that domain account isn't locked up or expired.
make sure that the service account you are using to execute the replication has the appropriate rights to both your SQL servers
Aye, check your SqlAgent account in services.msc. Make sure it is a user with rights (in the domain and in SQL). If that fixes it, make sure you lookup the minimum rights required before you go into production.