Can someone let me know why I'm unable to access our Azure SQL Database using Tableau Desktop with our Active Directory account?
I have no problem gaining access using Username and Password, but can't access using AD account i.e. usernam#company.com
I'm getting the following errors
Check whether you have installed ODBC Driver or not. If that's the case, try installing it by following this Download link depending on the operating system you are using.
After installing it, configure the ODBC DSN that may help you to resolve the error.
If it's already installed and still you are getting error, try degrading/upgrading the version.
Take a look at this similar problem answered in below reference:
Error connecting to MySQL - Error Code: B19090E0
You need to configure the server to access using AD account https://learn.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-configure?view=azuresql&tabs=azure-powershell
Related
We are working with SQL Server using Windows authentication and have found that we need to specify the SPN for the connection to work. Our application is partially using VB6 connecting via UDL files and partially a series of ad hoc scripts that we run through LinqPad.
Using the Server SPN feature of the UDL file we can get the connection to work but can not find the equivalent for LinqPad.
Does anyone know how to get this working? We have tried ServerSPN= as an additional connection string parameter on the Advanced settings but it is unrecognised.
Further details.
The client applications are on Windows 7 in domain A. All of the client connections are made from accounts in domain A.
The sql server is in domain B.
There is a selective one way trust between the domains and the server is added to the group that enables that trust.
The error from the linqpad connection is: "The target principal name is incorrect.Cannot generate SSPI context".
The UDL file allows the connection to work once it has the Server SPN = value set but otherwise gets the same error.
Update:
During testing we have found that specifying the SPN results in NTLM authentication to the server. Therefore if there is a way to force this from the client that would be a possible route for us.
Update + Workaround: We have stumbled across a workaround, adding the server into the hostfile with a different name seems to trigger the same fall back to NTLM authentication to work for the LinqPad connection. Would still appreciate if anyone understands how to fix this correctly but for now we are using the hostfile workaround.
Any help appreciated
I can think of several possible issues here:
Your one-way trust is set up the wrong way around;
It's too selective;
Incompatibility in AD versions between domains.
I would recommend trying Kerberos Configuration Manager for SQL Server, it might give you some insight into the root cause.
Also, I believe you might have better chances asking this on ServerFault rather than here. By the looks of it, it's a misconfiguration issue, and has nothing to do with programming.
I am trying to get MuleSoft to talk to a SQL Server using an Active Directory User.
I have gotten it to connect using a user defined in SQL Server, however our DBAs are saying we have to connect with an AD User.
I am getting "login failed" errors
java.sql.SQLException: Cannot get connection for URL jdbc:sqlserver://AG-Q4Test1:1433;databaseName=T10SRV01 : Login failed for user 'HQ\MuleSoftSvc'
I have tried to connect using my credentials and have received the same error. I can connect using SQL Management Studio with my credentials.
I am using the Microsoft SQL Server Driver com.microsoft.sqlserver:mssql-jdbc.6.2.2.jre8
I am thinking that is because its using Windows Authentication
But will this work in CloudHub?
The method described in the KB article will not work in CloudHub because applications don't run in Windows. Take into account that you should not make any assumptions on the operating system and platform for applications deployed on CloudHub.
I was able get Windows Auth working from my local runtime using this article.
After more digging I found this KB Article from MuleSoft which states that Windows Auth is not supported in CloudHub.
I have a simple EF Code First project that has to create a database in my local SQL server if it doesn't exist. However, when I try to debug my application I get the error:
Cannot open database "<Database>" requested by the login. The login failed.
Login failed for user 'MicrosoftAccount\someone#me.com'.'
I somewhat understand that because I login to Windows with my Microsoft account.
So I changed my connection string from using integrated security to username and password.
I made sure the user is created on the SQL server (Login & sysadmin rights) but it still fails when I debug in Visual Studio.
So..... I build the project and ran the application directly via the exe file and everything works. But I want to understand why it doesn't work with the debugger.
Have I missed something obvious here?
So I found the problem.
My local Windows account was paired with my Microsoft account. For some reason Visual Studio sends my Microsoft account to the SQL server to authenticate even when run under specific local credentials.
My solution was to create anew local user on my workstation with NO assosiated MS account.
I made the account member of Administrators and gave it permission to the SQL server then everything was fine...
Please ensure the server and database name are specified correctly in connection string. I had a typo, and got the error.
I guess that the debugger runs with different credentials (or could be set to do so). Especially if your account is not admin.
Maybe this helps: https://blogs.msdn.microsoft.com/greggm/2008/05/15/visual-studio-remote-debugger-service-user-account-requirements/
I have tried to configure release management to work across different servers with untrusted domains using the steps described in the below article.
http://blogs.msdn.com/b/visualstudioalm/archive/2013/12/12/configuring-release-management-to-work-across-untrusted.aspx
But when I tried to configure RM agent with ghost account, it was throwing error mentioned in the title. Please see the error screen attached..!!
I am searching for a solution for last few days...!!! Experts please help me.
Finally the issue has been resolved by logging in as shadow account. Changed RM server name with IP in MS deployment agent....!!
Thank you very much #Daniel Mann for the tips you have provided.
write it down as
Correct way:-
http://(server):(port)
Incorrect way:-
http://(server):(port)/ReleaseManagement
Do not write "/ReleaseManagement/" or any other URL segments after .
This will solve your problem.
Logging in as the shadow account may not be possible depending on how you setup the service account. Release Management site uses windows authentication so if you setup your credentials in Credential Manager on the agent server that will work. Just specify the fully qualified domain name for your Release Management server and your domain credentials for the RM server's domain.
I have created a SSIS Package and now want to deploy it, for that I am required to create the Integration Service Catalog,so I have SQL Server Evaluation Set up in that when I m trying to connect the integration service, I am getting following error,
Connecting to the Integration Services service on the computer
"RESHMAJADHAV"
failed with the following error: "Access is denied."
By default, only administrators have access to the Integration Services service.
On Windows Vista and later,
the process must be running with administrative privileges in
order to connect to the Integration Services service.
See the help topic for information on how to configure access to the service.
Also I have observed that my instance for SQL Server Evaluation edition is RESHMAJADHAV\SQL_SERVER_EVALU but when I am trying to connect this server, then this option is not shown under Integration Services as shown below,
.
I am unable to sort this out, since I am entirely new to this, please explain what can be the solution.
Please make a note, I also have sql server express edition ,but since it doesn't support to create the SSIS Integration service catalog then I installed the SQL Server Evaluation edition .
Also when I am trying to connect via SQL Database as shown in below image,
then while creating the integration service catalog, it is given the following error
Password validation failed.
The password doesn't meet the requirements of password of the password filter DLL.
Change database context to SSISDB.
One fact I have observed, I don't know whether it is related or not but when I am trying to enter password for my system, then also it's giving same error that password doesn't meet the requirement and also when while installing the SQL Server edition, it gave the same error, no doubt my password was very strong and fulfill all the requirements of strong password, currently I am trying to run my SQL Server with windows authentication mode and also I have tried to disable the strong password policies from the administrative tools but it's totally futile....any help will be greatly appreciated.
Go to all programs
Click on Microsoft SQL Server 2012 folder
Right click on SQL Server Management Studio
Click on Run as Administrator
This should take care of problem for now. (With this you need to always repeat the same process). To avoid this every time and for a more persistent solution you need to get permission(s). Please do the following process and you should be good.
In previous versions of SQL Server, by default when you installed SQL Server all users in the Users group had access to the Integration Services service. When you install the current release of SQL Server, users do not have access to the Integration Services service. The service is secure by default. After SQL Server is installed, the administrator must grant access to the service.
To grant access to the Integration Services service
Run Dcomcnfg.exe. Dcomcnfg.exe provides a user interface for modifying certain settings in the registry.
In the Component Services dialog, expand the Component Services > Computers > My Computer > DCOM Config node.
Right-click Microsoft SQL Server Integration Services 11.0, and then click Properties.
On the Security tab, click Edit in the Launch and Activation Permissions area.
Add users and assign appropriate permissions, and then click Ok.
Repeat steps 4 - 5 for Access Permissions.
Restart SQL Server Management Studio.
Restart the Integration Services Service.
(Source MSDN)
I hope this will help
I researched little bit and then I came to know it was actually the problem of HP Security Tool Manager service of HP Laptop which was messing with the password of system,SQL Setup and catalog of Integration Service,I uninstalled it from PC and now my problem is resolved..
look like you don't have a admin privilege.
so start->sql server->right click->run as administrator
it might solve !!!
it's not clear whether this is due to your windows password or the SSISDB encryption password http://fendy-huang.blogspot.com.au/2012/01/sql-server-2012-integration-services.html.
I suggest you think of a very long complicated password with a mixture of upper, lower and punctiation like this:
~~AgFcDeUk17aP9%3(5#hY,lTSs9+
and put that into the encryption field when creating the catalog. If that doesn't get around your error, try changing your windows password to that. The only way to solve thedr things is divide and conquer. Once you know which password is the issue you can attack it further.