Ok I created a database SQL is the engine and Access XP is the gui. When the users try to access the databae they get error message, it opens up but they cant open the forms for some reason. I was wondering if this had to do with me have Access XP and them having Access 2000, but I highly doubt it because when I had a user log on to my machine (which has access xp) they still were not able to access the forms. Can someone help me out PLEASE PLEASE PLEASE... this is so frustrating :(
One thing I'm noticing is that the users connection keeps dropping???
is there a master table that i could querry to buiild a report on the users who have acces to the various databases on the SQL server. I am trying to use master.dbo.syslogins but that is not generating what i need.
I have been using the software, and it has been working fine (on windows user A). Now, I have created another windows user (User B), and would like to use the same software/database. The software launches fine (User B), but cannot access the created SQL database (created with user A)
How do I setup the database to allow access from all users on the same PC?
Is there a way to deny the users the ability to open a server via Management Studio but still allow remote connections.
In my program I need an admin login to do various things. I am using the sa login and setting the password on install of Sql Express. But, if someone changes the password for the sa login after installation and I have the login for sa hard coded in my program, then everything will break. Is there a way to make sure that no one can change the sa password?
I have had this issue just pop up. I have local users who can connect fine, but my users that require connection by VPN cannot connect. I get the server not available or access denied error. I did confirm that the VPN'ers are connected to the network correctly and can see that their shares and mappings are correct. Any ideas? Thanking you all in advance!!
I have set up a link from ACCESS to a SQL 7.0 database using ODBC (File DSN saved on a shared DRIVE). The link works well only from the workstation where the link was created. But How can I create a link so a group of users can view the linked table in ACCESS without type a password? Any suggestion is appreciated.
Hi, I'm writing a program to access a SQL server and my problem is that if I use a user that isn't an administrator the login is failed.
It specifies the " DomainUserName "
Maybe it wouldn't have bothered me so if I didn't see it working on the last server I had. Unfortunatly, that one was formatted and I wasn't the one installing the SQL server on it.
Does anybody know how to make the SQL server more tolrant to users?
Hiya - this might be a bit of a simple question but please bear with me! I have looked reasonably hard for this but can not find an answer:
I have an MSSQL 2000 server running on PC-A and would like to limit certain users (e.g. admin) to be only able to logon when using the actual PC-A machine.
I am aware that you can acheive this in MySQL with the "insert into user (host, user, password) values (localhost, username, password);" command. Is there an equivalent way to do this in MSSQL?
I'm trying to set up SQL Server so that people with Enterprise Mgr can create a DB registration to their DB only (sql.yoursite.com). Are there any tutorials out there for doing this?
I have SQL Server 7 database & I need to create some interface between users & database to let users see what is in the database, but not let them change or destroy data. Do I need to create some other database in-between users & the original database? Users can't program & want access to all data.management doesn't want to create a replication of the database. They want to let users have access through MS Word or Access. What could you advise me?
I have a web application that runs on IIS on Windows XP professional. I have reached the max number of connections to the IIS website. So, I tried the approach of disabling HTTP Keep-Alives.
All is fine and dandy until my Business Intelligence Studio report project attempts to set the parameters for a report using report viewer at which point I get the following error message:
"The request failed with http status 401: access denied."
How can I fix this? I have posted this over at the asp.net forums, but I figured I would check here to see if anyone else has solved this problem.
Ive finally gotten my report server setup to run. I can access the reports via IIS from a remote computer if I login as the server administrator. Ive given certain users permissions to the /Program Files/sql server/Reporting Services/ folder, however, when I try to enter their login info, from the IIS login prompt when i visit http://servername/ReportServer/ I am unable to login. How do I grant users permission to login to report server?
Hi guys, We have a scenario where there are about 50 tables in our database and we want to build an intranet web application for users to with the office to access those tables. Users ability to access tables falls into diferent category:
Some users can NOT view some tables at all Some users can ONLY view some tables but not insert/update any field Some users can view and also insert/update some tables (in the same time they might not have view(select) permision on some other tables) Now, what is the right way to implement this. I say we have to have a Role, RolePermission, User, UserPermission inside our database to implement this (something which would look like the Roles and Users inside MSSQL) and we only have one user for our Database (MachineName/ASPUSER) to access the database and all the tables within My colleague says NO, instead of creating all these tables and implement this, we add every user of our application as a Database user inside MSSQL in the Databse Users. All the web application I have seen so far, DNN, CommunityServer, ... the have tables to implement all these and they don't add users inside the MSSQL. Now which way is the way to go with, and what problem might we fall into if we use SQL users, is this possible at all. How can I convince him that we have to make and use our own tables to manage this. Thanks for any help,Mehdi
I have now succefully setup SQL Server Express on an Admin PC in my office and can see it and connect to it easily from my PC using my NT logon.
My application is complete and runs a treat for me connecting to the server from my PC.
I have now deployed the application using ClickOnce and it has all gone smoothly, except for other NT users gaining access to the database?
Within MSMSE I have clicked on Security-Logins and can see my NT login details are present and as me I can administrate the server/db.
I have added a few new logins and even tried to match them to my settings but from their computers the application fails to logon to the server/database.
Within the ODBC setup the server is visible for them but they cannot connect?
If I logon to their computer it works for me?
This section is new to me so I am struggling to get it to work, can anyone throw me a bone please?
We are currently using Crystal reports but are considering using SQL RS. We need to know if there is a restriction on simultanoeus access to the same report by multiple users? What happens when multiple users try to access the same report simultaneously? If reports can be accessed simultaneously, do the requests queue up or are they processed concurrently?
Hello team, I have learned quite a bit from everyone here. I have decided to post a question for you guys and see what the best method is. Our Sr. DBA has asked me to get a list of all of our users permissions on all of our databases. We have about 20 SQL servers some of which have more databases and instances than I have fingers and toes. Can anyone recommend any solution to this problem? Perhaps there is a script I can download/write which will help me on this? Thanks in advance.
I have a large table with email column. I need to grant select access to this email column to many users but the actual email should not be visible to those users. I thought of following options:
1.Create an indexed view with that column encrypted and then grant access to users.While searching by email, their search text will also be encrypted and then matched with view column.Problem with this is that I have to create indexed view because most searches will be on Email column and table size is pretty big,20 m records. I don't prefer indexed view in general.
2. Add another column to table with encrypted email and grant access to that column to users. Problem with this is that it will increase table size and i'll need one more index.
I'm looking to deploy some SQL Server reports and I want to restrict the access that the users have. Currently when connecting to the reports site they have access to a lot of functionality through the header bar, for example - Properties - New Folder - New Data Source - My Subscriptions - Site Settings - Search etc.
How can I disbale or hide all these options so that all the user sees is the list of reports?
We have purchased an ERP system from a vendor which uses system DSN for all the reports. The system automatically creates DSN with Sa with SQL Server. The problem is the DSN is not working with AD users.
Active Directory server: Windows Server 2008 32 Bit.
SQL Server: Windows Server 2012 64 Bit. This server is already member of my Domain. e.g. CompDomain.com
What should I need to do in client PCs or Server to avail ODBC to AD users.
I have a client who would like to access his database via SQL Server Management Studio. I created a login for him. This login has access only to his database on the server (I set this up using the user mapping), the Securables has Connect to SQL checked (otherwise he won't see his database). When I test this login, he is able to see all the other databases on the server, though when he clicks on the ones he doesn't have access to, it will tell him that he can't access that database. He can access his database alright. My question is, can I hide all the other databases from him, and only display that only database he has access to? I have tried many different ways, I can't seem to be able to do so.
I am in a project where we are using a vanillla Reporting Services 2005 with the builtin report portal. No sharepoint integration yet.
We have successful deployments where we limit access to different folders based on AD-accounts and groups. In this particular case I have a folder for which I would like to allow access to all AD-users within the entire company.
So basically I know how to limit access but I don't know how to enable access for everyone. Is there a simple way to do it? I have googled and search mshelp but I couldn't find anything. I will admit to the search being quite quick but as usual time is short.
When I create logins for SQL Server 2012, something strange happens. When I assign the sysadmin role to a login, the login loses the access to the network drives (for example when creating or attaching databases). The only possible place is the c:drive of the computer that is running SQL Server.
I have been struggling with this for a while and cannot get it right. I have read countless articles on the internet as well as MSDN documentation about SQL Server 2005 and no success so far.
What I want is a database with multiple SCHEMAS, DATABASE ROLES and USERS in order to have a finer grade of security to access the various objects.
My schemas are (in order to simplify the situation and provide an example of the setup):
- [dbo] the standard DBO schema which is always default. Contains public objects. - [com] a special module integrated into the system - [ofc] contains objects used by back-office only - [aud] contains objects used for auditing, etc.
Each of these schemas has their fair share of tables, views, functions and stored procedures which have been created appropriately (i.e. CREATE TABLE [ofc].[Addresses]), in other words prefixed by the name of the schema to which they belong.
Then I have created various database roles (don't confuse them with SQL2005 application roles) as follows:
- PublicRole mostly used for viewing, no data alterations - WorkerRole used by front end processes that need write access to data in [dbo] and [aud] - OfficeRole used by back-office for dealing with backoffice data (basically [ofc], [aud] stuff) - AdminRole used by application administrator
Each of these database roles has been defined with owner 'dbo', none of them own any schemas. And last but not least to each of these roles I have selected the above named schemas (dbo, ofc, aud) as securables and for each of those securables schemas I have then given the correct set of GRANT/DENY on the Alter, Control, Delete, Execute, Insert, References, Select, Update, Take ownership and View definition.
As an example, the PublicRole role has been given the following permissions (Y=GRANT, N=DENY):
Table #1 of Application Permissions [dbo] [com] [ofc] [aud]Alter N N N N Control N N N N Delete N N N N Execute Y Y N Y Insert N N N Y References Y Y N Y Select Y Y N Y Update N N N Y Take ownership N N N N View definition N N N N
And I have the following minimum set of database users defined (the server login has the same name):
- upublic, assigned to PublicRole - uworker, assigned to WorkerRole - uoffice, assigned to OfficeRole - uadmin, assigned to AdminRole
As I understand when I assign these users to a particular custom Database Role, the users inherit the permissions granted to THAT role thus liberating me from having to assign the permissions to each and every user account on the same role.
What I expected was that when I logged in to the database with the upublic user account I would at least be able to view (SELECT at least) ALL the objects with the exception of those in th e[ofc] schema. Unfortunately the account is not able to access ANYTHING at all, I get an error like
"The SELECT permission has been denied on object XYZ, database DB, schema 'dbo'"
So, when I use Management Studio to look at the properties I selected the PublicRole and it showed the upublic user as a member of the role (Members of this role). So far so good.
Then when I switch to the Securables page for this role it shows all the schemas I defined and for each of them the same list shown in Table #1 except it has two lines for each permission, the first for Grantor dbo and the second for Grantor upublic. The first has the same permissions I assigned to the role (as shown on Table #1) but the 2nd does not show a checkmark on either GRANT or DENY!!! For example ([x] = checked, [ ] unchecked):
What am I doing wrong here? Apparently I then have to repeat the whole grant/deny for EACH and EVERY USER I define when the idea was that I would grant/deny on the database role and every member of that role would inherit those permissions automatically.
In a development server you take a backup and you want to move the entire database to a production server. The production server does not contain the database, users, or logins in master.
When you restore the backup to production in 7.0, the users get moved to DBO because the logins do not exist and then you cannot delete them.
We are having to drop the users from the database on development, back up the database and restore it to production, then recreate the users on production.
This is bogus and did not happen in 6.5 because of the aliases.
We have been asked to look into using stored procedures with SQL Server 7.0 as a way to speed up a clients site. 99% of all the articles I have read along with all the books all say Stored Procedure should be used whenever possible as opposed to putting the SQL in your ASP script. However one of my colleagues has been speaking to Microsoft and they said that that they were surprised that our client wanted to use Stored Procedures as this was the old method of database access and that now he should really consider using COM objects for data access as itis much faster. Has anyone got any views on this or know of any good aticles regarding this matter ?
After replicating a database, the stored procedures in that same database are not able to edit by other users than service account (sys admin users), When the normal users try to edit any of the stored procedures, sql server 2005 is throwing the following error...
Msg 21050, Level 16, State 1, Procedure sp_MSmerge_ddldispatcher, Line 12Only members of the sysadmin fixed server role or db_owner fixed database role can perform this operation. Contact an administrator with sufficient permissions to perform this operation.
Writing to tables created by regular users on MSSQL2005
I have users creating tables through an application, I gave them ddl_admin, datareader, datawriter. They can create tables but cannot insert/update data (to their own tables), I cannot insert data either using Access or any other application to those tables created by them (under dbo schema) Is there something I am missing with permissions? Thank you very much
