I am trying to access a folder/directory using 'EXEC MASTER..XP_CMDSHELL' it works for the local file/folder, how ever it can not access the folder over network.
EXEC MASTER..XP_CMDSHELL 'c:\Images' --Works fine
EXEC MASTER..XP_CMDSHELL '\\IPaddress\Images' -- returns "Access is denied."
Please note that i can access the network location but not using sql server.
Sql server is running under Winodws Authentication mode.
Sql server is using 'nt authority\network service' account to access the remote Folder.
Regards
If you run xp_cmdshell 'whoami.exe' it will tell you the account the command is running under. If this account doesn't have permissions on the network, you'll get the error you are seeing.
Check the SQL documentation for changing this account/permissions.
When you have to put file, like BCP result, or a backup in a remote drive, just map this drive into windows don't work, it must be mapped on SQL Server to!, to do this, try some link like this:
exec xp_cmdshell 'net use p:\ \Server\Folder\Folder\Folder\ /Domain\Login /Password'
Reference : https://social.msdn.microsoft.com/Forums/en-US/6eca2d62-eb86-4f23-9b86-6f917017f50c/bcp-utility-via-xpcmdshell-and-network-drive?forum=sqlsecurity
Related
I am executing the below query in SQL server 2008 to get the file details from the shared path.
DECLARE #ExecString VARCHAR(255)
SELECT #ExecString = 'dir \\<HostName>\D$\DBObjects\DBObjects_v*.SQL /B'
EXEC master..xp_cmdshell #ExecString
It is error out and returning below error message
Login failure: unknown user name or bad password.
If I copy the exact query and run it to Command prompt, provides the proper result. Below is the query executed by CMD Prompt
dir \\<HostName>\D$\DBObjects\DBObjects_v*.SQL /B
Please help me how to resolve this issue.
The latest Microsoft KB patch changing UAC restrictions on the network. Due to which, unable to access the network path of host server from store server so the required files are not copying from Host server to Store server.
Disable UAC remote restrictions to fix for this issue
Add LocalAccountTokenFilterPolicy key with value 1 in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Refer below link for more details
https://helgeklein.com/blog/2011/08/access-denied-trying-to-connect-to-administrative-shares-on-windows-7/
I am trying to copy a file from a remote path to my local machine using xp_cmdshell in SQL management studio.
The following are the steps i use:
1. Establish a connection
exec xp_cmdshell 'net use L: \\remoteServer\folder /user:domain\username ImPWD'
2. Re-connect
When i execute exec xp_cmdshell 'net use', the status of L is unavailable.
So I ran exec xp_cmdshell 'net use L:'
This doesn't help anyway. It still is unavailable!
3. Copy file
EXEC xp_cmdshell 'COPY L:\Fol1\SubFol2\File.xlsx C:\work\file.xlsx'
This is the error i get:
The system cannot find the file specified.
I have tried the following but nothing seems to work yet:
Found the user credentials that is used by xp_cmdshell and tried connecting to the shared path manually through windows UI and it seems to work. Therefore i concluded that there are no permission issues.EXEC xp_cmdshell 'whoami.exe'
Ran the queries as a normal user and an administrator. Both resulted in the same output.
Here are my questions:
Am I missing some step?
Why is the connection getting unavailable after the first connect?
How to delete connection? i.e When i run exec xp_cmdshell 'net use * /delete' it asks
Do you want to continue this operation? (Y/N) [N]:
I am not sure how to say 'Y' using management studio query.
Thanks for your help in advance! :)
How to delete connection?
To delete connection use:
exec xp_cmdshell 'net use * /delete /y'
(yes) will be silently passed
As for other questions: you mentioned in comment that your folders in path have spaces so you could:
rename folders
wrap with ""
I am creating user creation script in an SQL Server 2008 Database Server project in Visual Studio 2010.
The script looks like this...
CREATE LOGIN Domain\User FROM WINDOWS
I will be developing on both my desktop PC and laptop. Neither run on a domain and use local users e.g. DESKTOP\TestUser and LAPTOP\TestUser.
What I need to do is to somehow inject a variable into the script that automatically sets the domain name. I believe in SQL Server this is ##SERVERNAME. Then I can work on both my PCs and the script will work. At present if I run it on say my laptop I get an error as DESKTOP\TestUser is not a Windows Principal on my laptop.
I have looked at the .sqlcmdvars files and I can set a variable in there that gets injected into the script. However I cannot seem to get this to something dynamic such as ##SERVERNAME.
I have also looked at running EXEC from my post deployment script but I get an error saying that this command is not valid in this context - I believe that means that EXEC is not accepted in the VS2010 DB project.
You can use the following script to achieve that. It works for me well and creates a login for the local user:
declare #sql nvarchar(max) = N'create login [' + ##SERVERNAME + N'\TestUser] from windows'
exec(#sql)
I have the ff: scenario,
I have two servers, 1 outside(ServerB), 1 inside a domain(ServerA)
ServerA has an sp that uses xp_cmdshell to call a batch file from ServerB
Inside the batch file is an "XCOPY", when I execute the stored procedure I'm getting an "ACCESS IS DENIED" message,
I know it has something to do with permission but who's permission, where do I start?
You should check the rights of the account used for the SQL Server service. You can see the name of this account (or change it to annother account) using the SQL Server Configuration Manager.
I am trying to add user permissions using this stored procedure:
exec sp_addrolemember db_datawriter, MYUSER
The database is MS SQL 2005 and within SQL Management Studio the stored procedure works correctly using my authorized windows login.
I created a simple HTML CGI website with Python as the scripting language using pyodbc. I also created a local user 'dataviewer' login that I used when pyodbc connects that has the following server role permissions the same as my windows login:
On the website I echo back the sql command that Python used and copy and paste the exact command in SQL SMS and the stored procedure works correctly. It seems as though there is a security conflict somewhere but not sure what is happening becasue my windows login has the same server roles permission as the dataviewer login.
Either commit the transaction with Connection.commit(), or set autocommit=True in connection string.