The original owner of the Database has left the company, so I want to change the owner to myself, however, it failed.
When I tried through SSMS: Database properties->Files->Owner, it give the error message like:
Set owner failed for Database XYZ.
An exception occurred while executing a Transact-SQL statement or batch.
Lock request time out period exceeded. (Microsoft SQL Server, Error: 1222)
And when I tried through script with the query:
ALTER AUTHORIZATION ON DATABASE::XYZ TO [MyUserName]
The query seems blocked and run forever without success.
Can anybody give some help?
Queries using dbo-owned objects will acquire a schema stability lock on the existing database owner principal. The ALTER AUTHORIZATION will need a schema modification lock on the same principal, and are thus blocked due to the incompatible lock. You can query sys.dm_tran_locks to identify the blocking sessions.
Related
It is possible to view and analyze queries in SQL Server before implement on database and log or drop it if necessary?
For example some application send an update query to SQL Server, can I first log it to a database, and then possibly reject it if the query is illegal based on my roles?
You can use SQL Profiler to monitor queries sent to server, but you can't do what you wnat to.
If you say it is illegal for smoe roles to execute some queries it should be specified in permissions - every role have assigned permissions.
One way to achieve what you want is to define user, which mentioned applciation would use (I would even create dedicated user). Then, if you want this user to execute SELECT, just execute such command
GRANT SELECT ON [table] TO [user]
Then the user won't be able to update table, just select rows from it.
I found solution to use SQL SERVER triggers so after insert or update I check my role so if there is any access problem I can rollback transaction and send error to user.
I use SQL Server 2008 and AdventureWorkDB.
I want enable Change Data Capture in my database.
I execute this command :
USE [AdventureWorksDB];
GO
EXEC sys.sp_cdc_enable_db ;
But i get this error :
Could not update the metadata that indicates database X is enabled for
Change Data Capture.
The failure occurred when executing the command 'SetCDCTracked(Value = 1)'.
The error returned was 15517:
'Cannot execute as the database principal because
the principal "dbo" does not exist,
this type of principal cannot be impersonated,
or you do not have permission.'.
Use the action and error to determine the cause of the failure and resubmit
the request.
How I can fix it ?
After googling
I fix it with this command :
EXEC sp_changedbowner 'sa'
I must add DataBase owner to my database.
I have a SQL Server 2008 R2 implementation with Service Broker turned on for a .Net/IIS website running on the same box.
It doesn't throw an error when the global.asax application_startup event fires, however the event log is spammed every second with:
[dbo].[SqlQueryNotificationStoredProcedure-e6946263-93b8-445e-9d92-6fbd49a4b089]'
running on queue
'XXXXXX.dbo.SqlQueryNotificationService-e6946263-93b8-445e-9d92-6fbd49a4b089'
output the following: 'The database owner SID recorded in the master
database differs from the database owner SID recorded in database
'XXXXXXX'. You should correct this situation by resetting the owner of
database 'XXXXXXX' using the ALTER AUTHORIZATION statement.'
Also, the Service Broker is not correctly sending messages (for a SqlCacheDependency) - it basically doesn't work.
I have run the following query and determined there is an ownership mismatch:
SELECT
SUSER_SNAME(d.owner_sid) AS OwnerName
,d.owner_sid AS OwnerSID
,dp.sid AS DboUserSID
,SUSER_SNAME(dp.sid) AS DboUserMapping
FROM sys.databases AS d
JOIN sys.database_principals AS dp ON
dp.name = 'dbo'
WHERE d.database_id = DB_ID();
OwnerName: usrAAAAA
OwnerSID: 0xAAAAA
DboUserMapping: sa
DboUserSID: 0x01
Most places I have seen suggest that I should use ALTER AUTHORIZATION to explicitly set "sa" as the database owner. However, I am unsure if it should be set to sa or usrAAAAA, and I'm not sure if there are any likely implications (what other things could I break? if any).
Any help on this would be greatly appreciated.
Setting the database owner to 'sa' is the most likley to work without causing other problems, but there can be some security related issues with it as explained here: are there reasons I should not set my db owner to sa?.
Note also that, depending on your application requirements and how the accounts are used, if you remove 'usrAAAAA' as the dbo, you may need to add them back in to the DB as a user, and you may also need to give them permissions (such as 'db_owner'). If this is the case, and you have set your database to TRUSTWORTHY (as is often required by Service Broker related usages), then you should probably set the owner to 'usrAAAAA' instead and try to get that to work.
I'd like to create a SQL table which stores/captures user access or activities for a particular database.
For example, a table which has an entry for username, database accessed/queried, activity time etc everytime a user logs into a server and queries a particular db.
I know there's the .txt log file somewhere I would look up - but is there an easier way of doing it automatically?
How would I go about doing this?
Thanks in advance!
You can capture login activity in the SQL Server error log (turn on Login Auditing for "Both failed and successful Logins"):
USE [master];
GO
EXEC xp_instance_regwrite
N'HKEY_LOCAL_MACHINE',
N'Software\Microsoft\MSSQLServer\MSSQLServer',
N'AuditLevel',
REG_DWORD,
3;
Or by creating a LOGON TRIGGER and using that to log to a specific table.
However since there are no triggers on SELECT statements, capturing all queries would require pretty intrusive methods such as a server-side trace or SQL Server Audit.
Read about Logon Triggers in SQL Server
Before changing database schema I issue:
ALTER DATABASE SET RESTRICTED_USER
On completion:
ALTER DATABASE SET MULTI_USER
I understand that a running transaction will be permitted to continue until completion.
Q: Is there any way to wait till all regular users are off the database?
Q: Can the regular users issue more transactions? Can they continue working until disconnected from the server?
From SQL Server Books Online
http://msdn.microsoft.com/en-us/library/aa933082(SQL.80).aspx
If the termination clause is omitted,
the ALTER DATABASE statement waits
indefinitely, until the transactions
commit or roll back on their own.
So SET RESTRICTED_USER will wait until all transactions have completed before taking affect.
Once in place, regular users cannot issue further transactions, only members of the db_owner fixed database role and dbcreator and sysadmin fixed server roles can connect to the database.