Connect to SQL Server 2016 with always encrypted feature - sql-server-2016

I am trying to use always encrypted column with SQL Server 2016 and RHEL 7.
I have created my DSN in /etc/odbc.ini.
Info reg odbc.ini is
[test]
Driver=/opt/microsoft/msodbcsql/lib64/libmsodbcsql-13.1.so.8.0
Description=My Sample ODBC Database Connection
Trace=Yes
Server=ip address of sqlserver 2016
Database=Test
ColumnEncryption=Enabled
I have tried to put the column master key in .crt format in
/ssl/private and /etc/pki/ca-trust/extracted/pem/.
I am using the command to connect
sqlcmd -D -S test -U test -P test -d Test -Q "select * from empInfo"
I am getting the error
Sqlcmd: Error: Internal error at ReadAndHandleColumnData (Reason: Error reading column data).
SqlState CE200, Keystore provider MSSQL_CERTIFICATE_STORE not found. Ensure that the appropriate Keystore provider library has been loaded.
Can anyone help me with this? It seems like that it is not picking up the certificate. If that is the case then what will be the location of the crt file to put?
Regards,
Sanjay

Currently, MSSQL_CERTIFICATE_STORE is not supported on Linux. You will have to use Azure Key Vault. Please refer this article

Related

How to connect to remote SQL Server from WSL2 using ODBC?

I want to connect to a remote SQL Server from WSL2, but I keep getting errors for some reason. I tried connecting using my Windows Host machine without any problem.
~/.odbc.ini
[MSSQLTest]
Description=Microsoft ODBC Driver 17 for SQL Server
Driver=/opt/microsoft/msodbcsql17/lib64/libmsodbcsql-17.9.so.1.1
server=tcp:server,port
Database=Databasename
Trusted_Connection=yes
TrustServerCertificate=yes
uid=username#domain.com
pwd=password
odbcinst -j
unixODBC 2.3.7
DRIVERS............: /etc/odbcinst.ini
SYSTEM DATA SOURCES: /etc/odbc.ini
FILE DATA SOURCES..: /etc/ODBCDataSources
USER DATA SOURCES..: /home/test/.odbc.ini
SQLULEN Size.......: 8
SQLLEN Size........: 8
SQLSETPOSIROW Size.: 8
Errors
test#Desktop:/mnt/c/Users/test$ isql -v mssqltest
[S1000][unixODBC][Microsoft][ODBC Driver 17 for SQL Server]SSPI Provider: No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
[S1000][unixODBC][Microsoft][ODBC Driver 17 for SQL Server]Cannot generate SSPI context
I tried several different changes in the DSN, but none worked. The only thing that changed was the error messages. Then I tried installing mssql-tools to use sqlcmd, but I got similar errors.
Errors
test#DESKTOP:/mnt/c/Users/test$ sqlcmd -S server -U domain\\username -P password -G
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : SSL Provider: [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:self signed certificate].
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Client unable to establish the connection.
I have no idea what the error above means.
test#DESKTOP:/mnt/c/Users/test$ sqlcmd -S server#example.com -U domain\username -P password -G
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : SSL Provider: [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:self signed certificate].
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Client unable to establish connection.
I get a similar error. If I change something in the DSN, I get an error stating No kerberos credentials available (default cache: FIEL:/tmp/krb5cc_1000). Cannot generate SSPI context.
I looked up and tried many different solutions suggested on SO and other sites, but I can't seem to get it working. I can, however, ping the server.
Why is it doing this? Why does my connection work from my Windows Host machine but not WSL? What am I missing?
I don't think there's anything wrong with your setup. You might want to check if your admin allows SQL Authentication. Then use the sqlcmd to check if it works for you. You may be able to figure out the solution then.
sqlcmd -SXX.XX.XX.XXX -U username -P password -Q "select top 5 * from your_table"

How to configure sqlcmd on macos to connect to MSSQL using Windows Authentication

I would like to use the sqlcmd cli on a mac to run a script on a Microsoft SQL Server using Windows Authentication.
Software details:
Mac OS 10.13
MSSQL 2012 version 11.0.2100.60
sqlcmd version 17.0.0001.1 Linux
As a test, I tried:
sqlcmd -S hostname,port\\database_name -U domain\\user.name -P "XXX" -q "select ##version"
But I received the error:
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login failed for user domain\user.name
I also configured a freetds DSN and attempted to connect using:
sqlcmd -S DSN_NAME -D -U domain\\user.name -P "XXX" -q "select ##version"
But I received the error:
The DSN specified an unsupported driver
For what it's worth, I'm able to use the same DSN through isql by doing:
isql DSN user.name password
Any help greatly appreciated!
A few things that might help.
If you want to use Windows Authentication I think that you will have to set up Kerberos and NOT supply the login id and password with the sqlcmd command.
I had a confusing scenario where isql with freetds would connect using username and password when the DB server was set to only receive Windows Authentication connections, but the MS ODBC driver would not connect using the username and password. After connecting my computer to the network, settings up kerberos, and getting a kerberos ticket I was able to connect using:
sqlcmd -S 'ServerName'

'sqlcmd' utility unable to login to the database

I have a large .sql data file (4.3 GB) and I would like to execute this file on SQL Server. Doing some research, I found that I can execute this file using the following command:
sqlcmd -U username -P password -S rs-reporting-v1 -d NSTest -i D:NetSuiteDataFiles\Transactions.sql -o D:\NetSuiteDataFiles\Transactions_output_file.txt
When I execute the above command, get the following error:
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : Named Pipes Provider: Could not open a connection to SQL Server [53]. .
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : Login timeout expired.
Sqlcmd: Error: Microsoft SQL Server Native Client 11.0 : A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online..
I've tried changing the username to domain\username but it didn't help at all. I have checked the spellings of username and password multiple times and I'm sure they're correct.
EDIT
I changed my command to the following:
sqlcmd -E -S rs-reporting-v2 -d NSTest -i D:NetSuiteDataFil
es\Transactions.sql -o D:\NetSuiteDataFiles\Transactions_output_file.txt
and now I get the following error:
Would someone please be able to let me know what I'm doing wrong here? Any help would be much appreciated.
I would also like to point out that the .sql file is creating a table and then inserting values.

Getting connectivity error when using :connect command in sqlcmd, but not when doing command line connect

I'm just starting out with sqlcmd on SQL Server 2005, enterprise edition.
I can connect to my server fine, from the command line:
sqlcmd -SSQLSERVERNAME -Q"select test=1"
However, when I create a junk.sql file that has just this one line:
:connect -SSQLSERVERNAME
...and try to run it by running the following at the command line:
sqlcmd -i C:\junk\junk.sql
...I can't even connect - I get this error:
Named Pipes Provider: Could not open a connection to SQL Server [2].
Sqlcmd: Error: Microsoft SQL Native Client : An error has occurred while establishing a connection to the server. When c
onnecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not
allow remote connections..
Sqlcmd: Error: Microsoft SQL Native Client : Login timeout expired.
From what I read, I thought that using the connect command should work. Am I just using it incorrectly? What I'd like to do is connect in the sql file using the connect command (eventually using variables for different servers) and then run different sql files using the :r command
Thoughts?
thanks,
Sylvia
The :connect command does not need the -S switch, just use
:connect "SQLSERVERNAME"
Okay - I was doing 2 things wrong:
** It appears that when you run sqlcmd, you must be connecting to something from the get-go. I thought I could just do this:
sqlcmd -i C:\junk\junk.sql
but I had to do this
sqlcmd -i -SServerName C:\junk\junk.sql
I didn't have a local default instance running - presumably if you have a local default instance running, there's not a problem.
** Then in the junk.sql, you can do the following
:connect ServerName
note that it's NOT
:connect -SServerName
Hope this helps!

Could not connect to SQL Server using osql

I have a script that connects to SQL Server 2005 default instance. But I'm and being connected and instead got the following message
[SQL Native Client]Named Pipes Provider: Could not open a connection to SQL Server [53].
[SQL Native Client]Login timeout expired
[SQL Native Client]An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections.
The script's content is:
osql -E -S <servername> -i D:\scripts\script1.sql -o D:\scripts\script1.txt
I looked at the network connection from SQL Server Configuration Manager. The TCP/IP is enabled but the Named Pipes is disabled.
My question is what could be the possible cause and solution for this error?
try osql -E -S(local) or osql -E -S. I have not figured out why sometimes it does work, and other times it does not.