can you help me to create linked server using some SQL command ?
subquestion : How to remove it ?
Check this sp_addlinkedserver command in SQL server to add a linked server
Check sp_dropserver command in SQL server to remove a linked server.
Only the servername is mandatory to be supplied to this command, rest all parameters are optional.
Here is a code example
--local linked server
EXEC sp_addlinkedserver
#server='FUSIONRIS',
#srvproduct='',
#provider='SQLNCLI',
#datasrc='MylocalServerName'
There is a also a GUI in SSMS to set up linked servers. Be sure to create a login -> db user on each server and to create the mapping between these two db users correctly either via your script or in the GUI. Also these users should have the least possible permissions, as when you are using linked servers, you are doubling your attack surface.
Related
I am working on a project and I have access to SQL Server as external user with limited privileges.
When I want to create a login for example with this command, I get permission denied:
CREATE LOGIN [login] WITH PASSWORD=N'test', DEFAULT_DATABASE=[master],
DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF)
However when I try to create a login with this command I can make it and also I have privileges now to enable xp_cmd shell as well:
EXECUTE('EXECUTE(''CREATE LOGIN [test5] WITH PASSWORD=N''''test'''',
DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF'') AT "hostname\domain"')
EXECUTE('EXECUTE(''ALTER SERVER ROLE [sysadmin] ADD MEMBER [test5]'')
EXECUTE('EXECUTE(''ALTER SERVER ROLE [db_owner] ADD MEMBER [test5]'')
Can someone please explain why is that?
EXECUTE('string sql statement') AT "hostname\domain" == the 'string sql statement' is a pass-through command executed at the linked server "hostname/domain".
Has someone created a loop-back linked server (a linked server that points to the sql instance itself)?
Linked servers have their own security configuration/settings. If the security of the linked server is configured (for any login) to be made under the security context of a privileged login(eg. sa) then exec('') at linkedserver will be executed with way more/elevated permissions (than expected). This is a major security issue/hole.
Check the security of the linked server and change accordingly (and do you really need a loopback linked server?)
I am going to start work on new Desktop application. There is I want to use light weight and standalone database so that I am going use SQL LocalDB but I want to add authentication. There I need username and password before accessing database but authentication not applied there please help me how can I do it.
If we cannot add username add password in SQL LocalDB then please suggest me any another database that will best for me and also I can use entity framework with that.
Thanks in advance
To add your new DB user to your MSSQLLocalDB you need to connect to it and execute this:
CREATE LOGIN your_user WITH PASSWORD = 'your_password';
CREATE USER your_user FOR LOGIN your_user;
EXEC sp_addrolemember 'db_owner', 'your_user'
Then you will be able to connect to MSSQLLocalDB database engine with SQL Server Authentication using these credentials.
Server name: (LocalDB)\MSSQLLocalDB
Authentication: SQL Server Authentication
User: your_user
Password: your_password
Or you can use instance pipe name instead of (LocalDB)\MSSQLLocalDB as a Server name (see below where to get it).
Initial connection to your local DB from SQL Server Management Studio (SSMS)
Initially to run the SQL command above you need to connect to your MSSQLLocalDB with Windows Authentication. You can do it in two ways (try the second if the first one won't work by default).
Using instance name
Server name: (LocalDB)\MSSQLLocalDB
Authentication: Windows Authentication
Using instance pipe name
From the command line go to C:\Program Files\Microsoft SQL Server\130\Tools\Binn\ (you might need to use other versions and replace \130\ with your folder name) and run SqlLocalDB.exe to find the local DB instances you have:
SqlLocalDB.exe i
Make sure you have MSSQLLocalDB listed. Then run this command to see the MSSQLLocalDB status (the first line) and start if it's stopped (the second line):
SqlLocalDB.exe i MSSQLLocalDB
SqlLocalDB.exe start MSSQLLocalDB
Then you can execute SqlLocalDB.exe i MSSQLLocalDB again to see the the instance pipe name. Something like this np:\\.\pipe\LOCALDB#D7900618\tsql\query
To connect in SSMS you need to enter:
Server name: np:\\.\pipe\LOCALDB#D7900618\tsql\query
Authentication: Windows Authentication
just want to add you need sysadmin role so you can create databases
using this code
ALTER SERVER ROLE sysadmin ADD MEMBER your_user;
GO
use this :
SqlConnection con = new SqlConnection("Server= localhost, Authentication=Windows Authentication, Database= employeedetails");
con.Open();
if you want sql server authentication than read this :
http://msdn.microsoft.com/en-us/library/ms162132.aspx
I can add a link server with EXEC sp_addlinkedserver, (With no credentials) successfully, however, I need to provide a username and password to a server if the Windows Authentication doesn't work.
So I have tried using
EXEC sp_addlinkedsrvlogin #rmtsrvname='ServerName',
#useself=N'False',
#locallogin=NULL,
#rmtuser='sa',
#rmtpassword='Password'
Which this error appears
Msg 15015, Level 16, State 1, Procedure sp_addlinkedsrvlogin, Line 49
The server 'ServerName' does not exist. Use sp_helpserver to show
available servers
.
I dont understand as looking online, I have understood the two prodcecures to be the same, but sp_addlinkedsrvlogin takes a username and password and then creates the link server. I guess I have this wrong? So if I have, is there a SQL Server Procedure that will do what I want?
Cheers
I have understood the two prodcecures to be the same
Incorrect. sp_addlinkedsrvlogin is documented as:
Creates or updates a mapping between a login on the local instance of SQL Server and a security account on a remote server.
Nowhere is said that it creates a linked server. In fact the very first argument is properly documented as:
#rmtsrvname Is the name of a linked server that the login mapping applies to
You first create the linked server via sp_addlinkedserver, you then add the linked server login via sp_addlinkedsrvlogin.
I need to create a linked server against a SQL Server 2012 Availability Group and I want to have all requests routed to the read only replica. However, I have been unable to determine how I can specify the ReadOnly Application Intent in order to ensure that the request is routed to the correct replica.
Has anyone sucessfully configured a linked server in this manner?
I have tried both methods and the below (from the Microsoft tech site) works
EXEC sp_addlinkedserver
#server = N'linked_svr',
#srvproduct=N'SqlServer',
#provider=N'SQLNCLI11',
#datasrc=N'AG_Listener_Name',
#provstr=N'ApplicationIntent=ReadOnly',
#catalog=N'MY_DB_NAME';
When testing a Linked Server connection to the database I found that I was still hitting the primary database even when specifying ApplicationIntent=ReadOnly in the connection parameters.
After further investigations I found that the root cause for this was because the default database associated with that login was set to "master". This can be tested by running the following query:
sp_helplogins
To avoid this issue I now use the following connection parameters to ensure I am connecting to the database replica:
ApplicationIntent=ReadOnly;Database=database-db
Also, when connecting to a database via a linked server, please be sure to use the following query format:
SELECT * FROM [server].[database].[scheme].[table]
I Don't have an AlwaysOn availability group to test this on, but you can specify a connection string when setting up a linked server via sp_addlinkedserver.
SQL Server 2012 accepts the following and successfully creates a linked server that works, whether it honours the ApplicationIntent property you will have to test, but it should do as it is set to use the native client as a provider:
sp_addlinkedserver
#srvproduct = 'DB', --Don't use 'SQL Server' otherwise it won't let you set any properties
#server = 'LINKED-SERVER-NAME',
#provider = 'SQLNCLI',
#provstr = 'Data Source=SERVER\INSTANCE;Initial Catalog = Database;ApplicationIntent=ReadOnly'
https://learn.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/server-certs/create-an-alias-cname-record-in-dns-for-web1
I have used CNAME for READONLY NODE.
sql AO or windows cluster its very useful for readonly servers.
EX: Your second node server name is SERVERB, you redirect it to alias name as below.
SERVERB ----- >SERVERB.corp.contoso.com.
Then from the SSMS check if you can connect, or ping the alias name from the command promt screen if it works.
ping SERVERB.corp.contoso.com
I'm new to SQL Server 2008. I just installed SQL Server Express. I'm having trouble creating a new database, and I think I don't have permission.
I login like this, please see this screenshot:
Then I tried to create a new database and I got this:
I tried to search for some solution and this what I've got:
http://blogs.msdn.com/b/sqlexpress/archive/2010/02/23/how-to-take-ownership-of-your-local-sql-server-2008-express.aspx
But I can't download the script and the page says:
An error occurred while processing your request.
Please help. Kind regards
I resolved my problem with the following steps:
Set the instance of the SQL Service to single-user mode:
Open SQL Server Configuration Manager. Double click SQL Server Services.
Stop all SQL Server services
Right click SQL service and click Properties, in the Advanced tab, look for 'Startup Parameters'
Insert '-m;' at the beginning of the Startup Parameters value
Start the SQL service
Open SQL Server Management Studio and login with Windows authentication, you can now add user or change password of different users.
Hope this helps!
Try logging in with the sa account and grant permissions to your Windows account.
If you do not know the sa password use sqlcmd and execute the following commands:
Use Master
Go
ALTER LOGIN [sa] WITH PASSWORD=N'NewPassword'
Go
Login with the sa account and GRANT permission to the account.
USE Master;
GRANT CREATE DATABASE TO Jommel;