SQL Server 2012 Active Directory authentication - authentication

I recently did a backup/restore of some catalogs from one server to another. Both servers are still up. User access to the servers is controlled via Active Directory and server roles. On the old server, there is no issue with continued user access. On the new server, however, we get log on errors. As near as I can tell (I may not have total access), the group set-up are the same on both servers. Where can I look for differences?
Databases: SQL Server 2012 11.0.3000
OS: Windows Server 2008 R2 Enterprise SP 1
Testing: access was tested through Access (used only for the UI) and Excel connecting to SQL Server.
User accounts: Access is done through a domain lookup, not a local account.
My hope for an answer is some direction in investigation. I am not a DBA. support process is moving too slow. It is a production issue so I am hoping to get a resolution quickly.
Michael

What I found out was that the ad group must be in both the server security group as well as the catalog security. for the affected ad group, it was only in the catalog security group, not the server. thanks.

Related

How to share sql server 2008R2 database

I want to share my SQL Server 2008 R2 database between some computers on the same network without using a Server. How can I do so? I mean i just want two users access the same Database through A network or LAN. Both can use database,update database,delete data from database
is it possible ?
The file: mdf MS SQL can not be shared directly.
Although, once installed MS SQL any user with privileges on the database can access it.
It is not necessary to share the MDF file. MS SQL is responsible "sharing" the users enter data accessing it.
Greetings.
SQL Server can only be installed on a Windows Server system (except for the Developer's edition, and SQL Express).
However, all versions (except CE) can be shared among multiple clients. Just start up the server, make sure that the TCP protocol is enabled (using the SQL Server Configuration Tool), and that your Windows Firewall is not blocking port 1433.
A server just happens to be a term used for otherwise a "normal" computer. The designation server usually means that it is dedicated for a certain task. Technically speaking, any computer can be a server--even your own workstation while you are using it for other tasks. So, just put the database on one of the user computers which is on the network (hence accessible to desired users on the network) and go for it.... Good luck!

SQL Server repository for informatica powercenter

I have a powercenter 9.1 installation on windows server 2008 R2.
The repository is on the same box, hosted on sql server 2012. I have configured a new user (with sql server authentication) and have the repo db owned by that user. (it has the owner role)
The core problem : I am not able to run a simple test workflow on this setup.
Here's what I have been trying
The windows firewall has been taken down now for about an hour or so.
The repository service and integration service are running in trace/debug mode respectively.
The integration service log complains that it cant find a certain session for a certain workflow in certain folder (with ids for all of them).
When I log into sql server mgmt console, and try to query the repository tables for those exact items (since i have the ids from logs), all the data is present...
I fail to understand what is that I am messing up...
Disclaimer - my knowledge of sql server is really low.. may be 1 or 2 on scale of 10, since I have been living on the other side of fence (with oracle) for all of my career...
Did you try keeping the sql server login/user name and the associated default schema name as same?

password protecting my SQL Server database from users

I am a bit confused after reading around the internet that this cannot be done.
I have an application that I install on clients machine. This application uses SQL Server 2008 database that is installed along with the application. The database contains some tables that contain important information like giftvoucher balance.
I want to prevent unauthorised access to the database but problem is since I am installing my database on client machine they already have access to the SQL management studio through windows authentication.
Is it possible to prevent them from getting access to my database and tables ?
Your options:
DBDefence (not free)
Transparent Data Encryption
Switch to Sql Server Compact Edition

Listing Windows Server 2008 Enterprise local User Accounts without logging in

I have a Windows Server 2008 Enterprise installation on a server and I cannot remember the local user-accounts or passwords, so I'm unable to log in to the server. (This server was not been used for a while). Is there anyway that I can list the local user-account names without logging in?
You could use tools like ERD Commander, however I'm not sure whether it works with W2K8

SQL Windows Authentication

We currently use SQL 2008 with Windows Authentication disabled, we only allow SQL Mixed for accessing SQL.
We are wanting to switch our version control software to Team Foundation Server, which requires Windows Authentication.
Which ended up being a bit of a problem, I've talked to our DBA and Windows Authentication is not an option, nor is putting SQL on the server where TFS will reside.
Issue is, from what he is telling me, you are unable to just enable Windows Authentication just for a single user, its either on or off for all users.
Is this correct? What other options are there?
You need to have another talk with the DBA.
There are 2 options for authenticating to SQL Server:
Windows Authentication (only)
Both Windows Authentication and SQL Server Authentication
Yes it is true that if you turn on the latter option also known as Mixed Mode, and it applies to the server (which will now accept Windows Auth) - it does not mean that suddenly all valid Windows users will get access to SQL Server!
The Windows logins still have to be added as SQL users (SQL login != SQL user[principal]) and they can then belong to roles etc, so you would only need to add the users for TFS.
In fact, you cannot possibly disable Windows Auth - so I don't see why the DBA should be complaining about "turning on" Windows Auth.
This is probably what you need to do:
Add a new domain group "sqltfs"
Create a SQL user out of the Windows security Group "domain\sqltfs"
Grant all the access required to the new user (or indirectly through a role)
add all the TFS users into the domain group "sqltfs"
This way you can all continue to use SQL logins where it matter (existing code), while still gaining access via TFS -> SQL Server through the domain group membership
This probably belongs on superuser, but I'll take a stab at it. From my SQL 2008 R2 management console, the DB server can run in either pure Windows Auth mode, or mixed Windows auth + SQL auth. It can't run in SQL auth only.
Since you say you're in mixed mode, I can't see why he can't add another user to the DB that uses a windows domain account, rather than a local SQL server account. Mixed mode allows both.