I am the admin of my SQL server which I have created and I am testing on altering server level roles and for that I am trying below commands. The first one returns executed successfully and the second one returns 0, which means I dont have that spoecific server role. can anyone explain me why this is happening. What wrong am i doing here?
ALTER SERVER ROLE ##MS_ServerStateReader##
ADD MEMBER zzzsharepoint;
GO
select IS_SRVROLEMEMBER('##MS_ServerStateReader##', 'zzzsharepoint')
This is documented behaviour:
Return Types
int
Return value
Description
0
login is not a member of role. In Azure SQL Database, this statement always returns 0.
1
login is a member of role.
NULL
role or login is not valid, or you do not have permission to view the role membership.
For whatever reason, the documentation on Azure SQL Databases suggests otherwise. It also suggests using a query to check the permissions, however, that always returns no results as well. If the ALTER SERVER ROLE ran successfully, I would suggest that the role has had the role added.
I have created two accounts in two different regions(Us-East & Asia). Now I am trying to do replication of database from US-East to Asia account.
Below are the steps I followed.
US-East
select current_region();
use role accountadmin;
show global accounts;
use role orgadmin;
select system$global_account_set_parameter('SI49837', 'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'true');
show organization
accounts;
alter database DEMO enable replication to accounts fe85487.ap_south_1;
After executing above alter statement I am getting below error.
SQL compilation error: Object 'AP_SOUTH_1' does not exist or not authorized.
I am unable to add existing account(Asia Pacific) to ORGADMIN role.
Can anyone help me how to add existing asia pacific account to ORGADMIN account.
I am following the instruction in Microsoft Learn Page
https://learn.microsoft.com/en-us/learn/modules/understand-the-sql-dw-connector-with-azure-databricks/5-create-tables-perform-queries
As I copy and execute the SQL queries in Azure Data Studio, it said it has syntax error
You can refer the code in the above link and the result in the below picture
Thanks for your help
I searched a lot and found that if you want to create table in master DB, the user must be the dbcreator role.
Reference:How to fix "CREATE DATABASE permission denied in database "master" ?
But for Azure SQL database and SQL Data Warehouse, the dbcreator role is not supported. We can not create table in master db, even with ServerAdmin.
You could reference:
Server-Level Roles
Database-Level Roles
Hope this helps
You can not create tables in master database. You have to select the data warehouse database.
I have a database A where I have CREATE DATABASE LINK privilege and a database B where I can connect as a read-only user (I don't have the privilege here). I just want to do SELECT queries.
I would like to know if it's possible to create a database link on this user.
I did many researches about my problem, but nothing works.
I also tried SET TRANSACTION READ ONLY but it did nothing.
CREATE DATABASE LINK dblink_name
CONNECT TO user_with_read_only
IDENTIFIED BY password
USING('(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=<host>)(PORT=<port>))(CONNECT_DATA=(SERVICE_NAME=<service_name>)))
I got those errors:
ERROR at line 1:
ORA-00604: error occurred at recursive SQL level 1
ORA-16000: database open for read-only access
SQL Server is not my strong point and I start to get lost when going past the basic Create Table, Select from Table etc.
I am attempting to set up a database synchronisation scenario with an Microsoft SQLCompact 3.5 database being Synced through a Proxy to and SQL 2008 R2 database. It is being synced through the Microsoft Sync Framework 2.1.
I got everything set up and working fine through the proxy when the user account is the db_owner of the database.
Of course this now needs to be locked down - so I have been trying to restrict the permissions to the bare minimum required for Synchronisation.
According to the Microsoft articles, I need to do the following...
Use the principle of least permission. Do not grant more permissions than are required to perform a specific task. For example, do not grant INSERT permissions for server database tables that are involved in download-only synchronization. Synchronization operations require the following permissions:
EXECUTE permissions on all the stored procedures that Sync Framework uses to read and write to metadata tables and base tables.
SELECT, INSERT, UPDATE, and DELETE permissions for metadata tables and any base tables that will be updated during a synchronization session.
When you provision SQL Server databases that use SqlSyncProvider, be aware of the following permissions requirements for provisioning:
CREATE TABLE permissions to enable creation of the metadata tables: scope_info and scope_config, and the tracking tables that are created for each base table.
ALTER TABLE to add triggers to the base tables.
CREATE PROCEDURE permissions to create the procedures that Sync Framework requires.
SELECT and INSERT permissions for scope_info and scope_config tables.
SELECT permissions for base tables.
I allowed the wizards in Visual Studio 2010 to create the Sync database and proxy for me.
As such - I am unable to find the scope_info and scope_config tables in SQL Server databases, and I am also unable to find the metadata tables so cannot set permissions on these tables. Also - where would I find the stored procedures that the Synchronisation framework is trying to use - I have looked but cannto find them.
Where would I find these and how would I go about setting the appropriate permissions?
I have granted datareader and datawriter, Insert, Update, Delete and Select as well as Execute permissions on the SQL Server database but the sync fails. I have also granted Create Table, Create Procedure and ALTER permissions on the database for the user as well- but still it fails.
If i enable the db_owner role for the user - it works.
The error I receive is:
Unable to initialize the client database, because the schema for table 'tblApplications, tblApplicationConfiguration, tblApplicationInstallProperties, tblApplicationPreRequisites, tblApplicationTypes, tblComputerApps, tblComputers, tblComputerTypes, tblDriveHWSerials, tblDrives, tblDriveTypes, tblFunctions, tblLocationApps, tblLocationComputers, tblLocationIPAddress, tblLocations, tblLocationUsers, tblPermissions, tblRegionLocations, tblRegions, tblRegisteredModules, tblRequestFormats, tblRequestStatus, tblRequestTypes, tblRoles, tblRoleUsers, tblSecurity, tblUsers, tblVehicle, tblVehicleLocationMap, tblVehicleMake, tblRequestProcessingStatus, tblDriveStatus, tblVideoViewTypes' could not be retrieved by the GetSchema() method of DbServerSyncProvider.
Make sure that you can establish a connection to the client database and that either the SelectIncrementalInsertsCommand property or the SelectIncrementalUpdatesCommand property of the SyncAdapter is specified correctly.
I am not able to use the db_owner role when its released.
there are two types of database providers in Sync Framework, the offline provider (SqlCeClientSyncProvider/DbServerSyncProvider) which is used by the Local Database Cache project item and the collaboration/peer-to-peer provider (SqlSyncProvider/SqlCeSyncProvider).
the offline providers dont use the scope_xxx tables as such you wont find it.
assuming you used the default SQL Server Change Tracking when you configured the sync via the wizard, try granting VIEW CHANGE TRACKING permission to the account you're using to connect to the database.
I'm not sure if it will help, but I found this:
Try to set UploadOnly on the SyncTable object instead. When you set it on the SyncAdapterBuidler, the select incremental commands are not generated by the builder. These commands are used to get the table schema from the database. Since these are missing you are getting the schema error.
Also, maybe this blog entry will help.
As JuneT Mentioned, you should turn on Change Tracking
ALTER DATABASE YourDataBaseName
SET CHANGE_TRACKING = ON
(CHANGE_RETENTION = 2 DAYS, AUTO_CLEANUP = ON)