We're using a canned app that only uses SQL Server logins (it will NOT use Windows logins to access SQL Server)
SQL Server logins seem to lack even the most rudimentary security features such as expiring passwords and automatic disabling after a set number of failed logins. Bad. Bad Microsoft.
Has anyone figured out a way to graft this on after-the-fact?
I can do it in an awkward fashion by auditing failed logins and going back to read the error log, but this isn't real time by any stretch.
Disable logins on access expiry date(Not windows password expiry). we grant access to users on databases only for 60 days. So access is only valid for 60 days. Then the user should again request access to the database going thru security clearance. Thn the DBA's enable the login. Maintaining all these logins of users manually is causing more confusion. As we know, we dont have any inbuilt functionality to automatically disable logins in SQL Server.
I have a table where the logins and expirydate were recorded in a DB.
Using this table and SQL Server agent. Can i achieve this process automated ? CREATE TABLE [dbo].[LoginsExpiry]( [LoginName] [varchar](50) NULL, [ExpiryDate] [date] NULL, [Roles] [varchar](500) ) ON [PRIMARY] GO
The event log is showing a ton of failed sa logins. The server is connectedto the net. I am assuming this is a dictionary attack to get the sapassword. I am trying to find out if this is an inside attempt or from theoutside. While the profiler will tell me which program or script is sendingit, how do I find out which ip address(s) from the net is doing this?--John Dalberg
I currently have serverA importing data from an AS400 oledb connection and serverB on hot-standby as a mirror. The data import is being performed via an SSIS scheduled job.
I've yet to implement any solution in the following case: If the database on serverA fails, it will failover to the mirror. But the jobs will still be on serverA. Ideally, I'm assuming the jobs should not run on serverB since it will be attempting to update the mirrored database. So, I am wondering if both servers can have identical copies of SSIS packages and jobs and simply (?) enable or disable them based on which server will be hosting the principal database.
Is there any solution where the jobs can automatically be disabled on the server with the mirrored database and enabled on the principal database depending on its status?
SQL 7 profiler has an event in the Misc. category of Failed Login. It does not, or at least I cannot get it to, produce any output when a failed login occurs. Any hints?
I tried this because every week or so I get this in the error log: Login failed for user 'Admin'. It occurs several hundred times within a minute or so. It obviously has to be an automated process as you couldn't click a button or press a key 13 times a second.
The login does not exist as a SQL login so I can't tell which database it is trying to get at. Any suggestions gratefully received.
I need to be able to get info about failed login attempts which need to be running all the time and logging info such as hostname , application name, host machine, etc. The best way I can see to do this is by crerating a trace. Then loading the info from the trace into a table for later use by using fn_trace_gettable. But this requires that the trace be stopped and the definition removed for the trace file to be populated.
Is there a way to be able to log this info constantly into a table without having to stop and then recreate another trace. Also it requires that the table created by the function is dropped.
I just restored a database on a new server with a backup(complete backup stored in backup device) from another database on another server using the "with move" option. In fact here was my process:
Alter database ngauge SET SINGLE_USER WITH ROLLBACK IMMEDIATE
restore database ngauge from disk = 'C:Program FilesMicrosoft SQL ServerMSSQLBACKUPgauge1.BAK' with move 'NGAUGE' to 'C:Program FilesMicrosoft SQL ServerMSSQLDatagauge_Data.MDF', move 'NGAUGE_Log' to 'C:Program FilesMicrosoft SQL ServerMSSQLDatagauge_Log.LDF'
Alter database ngauge SET READ_WRITE
it worked.
But it did not move the 98 or so users/logins...from the source database what is going on??? what am I doing wrong??!!
We are running MSSQL 2000 on a reasonably powerful dedicated Win2k system Dual 2.4 Xeon Procs, 2 GB of RAM, Ultra 160 SCSI disks.. blah blah blah.
Our primary use this database server is for our Coldfusion Application servers. We host about 50 or so databases.
Of late, we have been experiencing random failed logins for certain databases. These failed logins are logged to the event log on the server. They randomly; queries executed against a datasource configured on our application servers trying to get data from the database fail with a login failure when other times they will succeed. I am confused about this issue. Could an issue where the SQL Server is overloaded cause a login failure for a database?
I just applied instcat.sql to my SQL Srvr 2k sp4. At first it broke my replication with some cursor errors. Applying the latest instcat.sql fixed the problem, however one of the distribution agents would not start (i'm not sure if instcat had anything to do with it) giving me a "Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. The process could not connect to distributor 'DistributorName'. The step failed." error.
I was checking the logs because of some failing backups and found literally hundreds of enties for failed logins for user sa. This is does not seem to be related to the failed backups, because even after fixing the problem (disk space), the entries continue to pile up.
Needless to say, the information provided in the log is a bit sparse: date and time, source (Login), message (Login failed for user 'sa'.). If that is actually enough to go on, then there must be some way of cross-referencing this information with that found somewhere else. Is there a 'somewhere else' or are there other things I need to do in order to track this down?
I don't suspect any malicious intent, but I'm not ruling it out. My main concern at this point is twofold: to gain a better understanding of system management; to identify and correct the failed login.
Any recommendations, whether tools, documentation, or otherwise are very much appreciated.
ok, first, I know... I forgot to run a backup of the master database, and I forgot to run a script to caputure logins. Not that that is out of the way... I need to recreate the logins under the Securities tab below the databases. All the company databases have the user names and passwords assigned to them, but they are not able to login, because they are not able to authenticate to the SQL server first.
Is there a script that someone has that will copy the company database security info for the users and recreate them in the SQL security tab?
I know that I can rebuild them manually, but I need to delete them first in the application software, then delete them from the databases, and then recreate them in the application software... and as simple as that sounds... it is a slow moving process.
I would move a Database to another server. I try to use DTS but I have problems with this process because DB have big tables, I think. I try to use DETACH and ATTACH procedures but logins doesn't export. And more, in new server there are already logins from another DBs.
What's the best way to solve this problem? Please, help Thanks
I am a systems analyst and work with an app that runs against 2 SQL Server DBs. Though I have some familiarity with SQL Server and SQL, I am not a DBA.
The app executable is tied to a Windows service. When we install the app, we run a process that builds 2 dbs to include: Tables, indexes, stored procedures, views and user accounts. SQL Server is set up for mixed mode authentication.
Normally, the dbs run off the local db user accounts which are tied to local logins with the same names. We have a client that wants to remove our standard logins so that they can run on only a Windows login. I know I should be able to tie the db users to a Windows login. And I can do the same for the service.
But I am at a loss as to how to get this done. How do you associate db users with a Windows login? When I have tried sp_change_users_login I get an error that the Windows login does not exist. (Though I have added the Windows account to the DB.)
I've built SSIS package and made a job to execute it automatically but it always returns an error. The job returns OK but when we looked at the Log File viewer, it conatins this error log :
Key not valid for use in specified state
Failed to decrypt protected XML node "DTS Password" with error
What's wrong with the package ? Thanks in advance.
I wrote an application using Visual Studio 2005 beta 2 which uses a SQL Express .mdf file, included in the project, for the database. After installing Visual Studio 2005 RC and the SQL Express that comes with it (I followed all of the uninstall instructions first) I can no longer add a SQL Express database to any of my projects, nor can I open the SQL Express database in my original project. When I try either of these tasks, I get the "Failed to generate user instance of SQL Server due to a failure in starting the process for the user instance. The connection will be closed." I read the thread which dealt with this error, and changed the connection string for the database file that had worked before to User Instance = false. The moment I click Test Connection or OK, I get the error: "An attempt to attach an auto-named database for file C:<path to project>EngSQL.mdf failed. A database with the same name exists, or specified file cannot be opened, or it is located on UNC share." (<path to project> is actually a full path, I didn't want to type the whole thing out. :) ). A search for this error turns up a solution of setting User Instance = false, which puts me in a catch 22 position.
I have log shipping set up between 2 SQL 2000 SP1 Servers on Win 2000. The db is small 10 meg, and when the restore job on the backup server fails I am getting "sqlmaint.exe failed. [SQLSTATE 42000] (Error 22029). The step failed." as the message, the maint paln on the primary server show no error. Anyone seen this before? The restore has worked 3 out of 5 times
Is there a way to disable logging ? I'm about to split a 1000000 rows table into three other tables , and would prefere not to log this action ... Does anyone know how to do it in a SQL 7.0 statement ?
can I disable a trigger in Sqlserver 2000??? When i run a store procedure who works with one table i want that the trigger doesn´t work it. After that the trigger would be enabled again.
I know i can delete it and create it again but something like "ALTER TRIGGER DISABLED" would be ok.
Is there any way to disable the primary key constraint?.I want to move the records from one table to another.say column 'x' in the source table doesnt contain a primay key.But my target table column 'x' contains primay key. How to ovecome this problem? Thanks in advance
In meen. primary keys, NOT NULL, IDENTETIES...et.cI have to do a maunally, one time, building of a database. Sometables has tostay an some are to be exchanged. The foreignkey inforcemnt ill do for myself so everything is correct. I just need to be allowed to de thede taskfor a while. Is it impossible?RegardsAnders
I am trying to disable certain users, but it is giving me this error. I am able to disable some accounts, but not all of them. It seems to happen with user that have been recently created.
TITLE: Microsoft SQL Server Management Studio ------------------------------
Disable Login. failed for Login 'domainuser'. (Microsoft.SqlServer.Smo)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=9.00.3042.00&EvtSrc=Microsoft.SqlServer.Management.Smo.ExceptionTemplates.FailedOperationExceptionText&EvtID=Disable+Login.+Login&LinkId=20476
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
------------------------------
Could not obtain information about Windows NT group/user 'domainuser', error code 0x5. (Microsoft SQL Server, Error: 15404)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=09.00.3042&EvtSrc=MSSQLServer&EvtID=15404&LinkId=20476
The links lead to a page that is no longer available.
I read somewhere that it had to do with the SQL Server service account and that if you change it to a Domain Administrator it would and it does, but I can not believe the solution. I would say that this even started happening after we applied SQL 2005 Service Pack 2.
Has anyone else seen this problem. Do I really need to make it a Domain Administrator?
