I'm using grafana with an SQL Server data source. The problem is that the dataset and table lists in query builder are empty ("No options found") but if I write the SQL query in code section it works.
I tried to create a new LOGIN and assign to it the db_owner and db_datareader db roles, without success.
Related
Our setup:
Server A is where the database lies that holds the report information.
Server B is where the report is saved.
The report uses a stored procedure that grabs data from the DB on Server A.
The report was designed with Microsoft SQL Server Report Builder (15.0.900.71).
The report's data source is set to use Windows credentials.
Users connect to a database by an AD group (lets call it the "everyone" group) for basic report reading. So even though we haven't created a login/user for each employee on the server/DB, this group should be handling that.
For the server, I gave the "everyone" group the public server role and for the user mapping I selected the option for the DB and gave it db_datareader and public roles.
For the securables I inserted the server name and selected the option for "Connect SQL".
For the DB,I gave this group the role db_datareader. I didn't give any securables or extended properties for this user.
I can't think of a time when we had this issue with a previous version of Report Builder (version 10.50.1600.1) and this is the only report that is giving this issue. Chrome keeps giving this error to the end user:
An error has occurred during report processing. (rsProcessingAborted)
Cannot create a connection to data source 'SQL01'.
(rsErrorOpeningConnection) Login failed for user 'NT
AUTHORITY\ANONYMOUS LOGON'.
It seems as though when making the report using the new version of Report Builder it isn't correctly passing the user's credentials. Is there something different that needs to be done for this new version of Report Builder or am I doing something wrong elsewhere?
I created a new SQL server with a database in Azure and after logging in with the admin account I added a new user that I wanted to only have access to one database.
In SSMS I right clicked on mynewdatabase database and selected New Query.
I executed
CREATE USER mynewuser WITH PASSWORD ='good password here';
ALTER ROLE db_owner ADD MEMBER mynewuser ;
Now after logging in as mynewuser I can still see the master database.
The question is how do I restrict mynewuser to only access mynewdatabase?
I'm sure this is something basic.
In SQL Server, including Azure SQL DB, all users can can see all system databases in sys.databases. This is not the same as being able to connect to them or run queries in them. This does not disclose any sensitive information as these are system databases and whether you saw them listed or not you would know they were there. See https://msdn.microsoft.com/en-us/library/ms178534.aspx#Anchor_0.
Based on the steps you describe, you have created a contained user that should not be able to connect to the master database or run queries in Azure SQL DB.
I have a MS Access front end with tables linked to SQL Server. I used a file DSN to link tables, and upon opening Access database the user has to enter SQL server userID and password.
Is there a way to extract that userID (not the password) from the established ODBC connection, for example to use it for display and audit purposes?
Yes, you can create a Pass-Through query in Access with just the statement...
SELECT CURRENT_USER
...then in the Property Sheet for that query click the ellipsis button beside ODBC Connect Str and select your File DSN. (When asked if you want to save the password in the connection string, say "No".)
Then save the Pass-Through query (I called mine "getCurrentSqlUser") and run it to get the name of the current user on the SQL server.
(Note: While testing this I logged in as sa and found that the query returned dbo. I think that's because I was logged in as a member of the sysadmin Server Role.)
Is there any permission in Report Manager by which my manager can view the report definition i.e. can view the SQL Query but cannot edit it and save/publish it on the server?
I am using Report Builder 3 and SQL Server 2008 R2
Maybe this will help you..
When you give a user an access to the report server you have to specify the permission he will get.
When you add new Role for a user you have a list of roles, the one which fits to your need named "Report Builder". This permission gives the user to view the report definitions.
It means that the user will be able to open the report with report builder but not save it back to the report server
See screenshot
Is it possible to set up a default set of role mappings for Microsoft SQL Server (2008 R2 for instance) that apply to subsequent databases?
Example: Whenever I create a new database on the server, I want it to map db_owner to a login group called Group_A and db_datareader to a group called Group_B.
The databases are created by a 3rd party application, so doing it in the CREATE statement is not enough. What I hope for is to set a default behaviour for the server itself.
Every new database is created as a copy of the model database on the SQL server. So when you do the mapping the the MODEL db every new DB should replicate that. I haven't tried that with roles and groups but you can try it and let me know whether it works...