I have a Visual Studio database project, every time I publish it to SQL Server, it removes the NT AUTHORITY\NETWORK SERVICE Login user.
After every publish I then have to go back into SQL Server Management Studio and add the user again via the User Mapping tab.
Does anyone know why this is and how I can stop it from doing this?
I currently have this in the dbo -> Security folder, but we have other project that also just have this and work fine with the NT AUTHORITY\NETWORK SERVICE.
Managing settings like this can be difficult to figure out, set up, and get consistently correct, as there are a lot of situations and project settings to deal with. Start with the following, then poke around, do some experiments--it can be done.
When publishing a database from VS, you should get this screen. Clicking on Advanced...
Will get you this dialog (note that I am showing the SECOND tab)
Scroll down and select the "Do Not Drop Users" checkbox.
You would need to do this every time you publish the database--but fortunately you can save a publish "Profile"--back on the first screen, via the "Save Profile" buttons. We add these profiles in their own "Publish" folder in the project (tagged with Build Action = None) for ease of access and use.
The (very) irritating thing is, there are a LOT of settings and checkboxes buried in here, and a number of them impact database security and permissions settings. I'm reasonably certain this is the only one you'll need to deal with, but there are a lot of other settings and variations to consider. Whatever you hit, odds are there's a setting in here that, once you figure it out, can address it. Good luck!
The answer to this was specific to the project and how it has been done.
I compared a post deployment script of another project and the one I was having problems with had extra bit at the top of the sql file where it was removing users based on names provide as publish parameters. This was not in the other project.
exec sp_executesql #sql
set #sql = 'DROP USER IF EXISTS [$(AdminLoginName)]'
exec sp_executesql #sql
set #sql = 'DROP USER IF EXISTS [$(QALoginName)]'
exec sp_executesql #sql
Removing this stops it from removing my said user, I don't honestly know why this would be in there if the other project works without it. I don't like database projects!, I find them clunky and hard to work with compares to a nice numbered migration like dbup or fluent migrator, but it's what this company use!
Appreciated the help from people, it sounds like there are some publish options to ignore users.
Related
Update: Would like something that everyone can use, not just admin.
I tried to find if this question has already been asked before this post. In SSMS 2014, is there an option to only allow query execution if any text has been selected?
If none is selected, F5 and/or the execution button should be disabled. Thank you!
Based on my brief research, if user (like myself) who cannot run RAISERROR with severity level 20 or above, I am using SET NOEXEC ON and SET NOEXEC OFF in the very top and bottom. Then develop your script inbetween those two statements.
The downside is that there are two statements to add at 2 different locations. Also, if your script requires the use of SET NOEXEC, then this might not work.
I have this snippet that I sometimes include at the top of my queries:
raiserror('Highlight something and tell me what you''d like to do.', 20, -1) with log
Per the Microsoft Connect page titled, Add an Execute Selected Text Only to SQL Server Management Studio:
...We are considering adding this as a text-editor option for an
upcoming release. I have no way to mark it as "added to backlog", so
I'm resolving it as "Won't Fix". It's there though...
Cheers
-Sam Hughes
That was in 2011. If there is a way to do this I suspect it would be using Redgate. I'm not a redgate guru but I know that, for example, SQL Prompt will throw a warning before letting you do a DELETE or UPDATE without a WHERE clause. That's where I'd start.
I want to create a new schema in SSMS with the Schema - New dialog box but I can't find how.
I know it's supposed to open when I right click on the Databases/xyz/Security/Schemas folder in the Object Explorer and select New Schema... but all I get is a query to create it.
I just started an edX course called Developing SQL Databases, there are no instructions there concerning the SSMS settings, the only instructions say that I should be able to get the Schema - New dialog box. I asked there in the discussion but nobody replies, actually there's no activity there whatsoever so probably nobody even knows I asked.
I did google it but the only relevant results I found say the same thing, right-click, New Schema... and the dialog box opens. But it doesn't.
So, what am I missing?
Expand the database in the Object Explorer, and right-click the Security folder, then select "New" (the Security folder under the database, NOT the Security folder under the server).
I realize your question is how to do this in SSMS, but the tsql code for this is only five words.
create schema MyNewSchema authorization dbo;
That seems much simpler to me.
Be sure you are searching in a right folder.
the security folder is under the database , not under the server.
as next screenshot:-
UPDATE:-
This issue is repeated here, and the soluation was the following:-
Full uninstall Manual
deletion of all MSSQL-folders in
AppData{Local|Roaming}
Reinstall
Checking for any updates
and everything is as expected, so try these steps.
I got a SSRS 2008 web edition instance (which was migrated from 2005 standard edition) and I need to change some security for a new folder I`ve just created.
When I go on report server web page (http://rsServerName.xyz/Reports), enter the new folder, go on folder properties, then when I click on Security, web page returns an error The user or group name 'xxx' is not recognized. (rsUnknownUserName)
I`ve checked the user in database - it exists, it has some items (reports) assigned to it, seems fine just like other users from database.
I first thought to just go into database and remove the entries from PolicyUserRole for users that aren't allowed into that folder, but there's also some info in SecData, and maybe some other places, and also found that microsoft doesn't support any queries against their reportserver database, so that might not be the brightest idea :)
Does anyone know any other way to remove the security from a specific folder ? Or maybe things to look at for this user name that it fails ? Another thing to mention, all security problems started when server was migrated from 2005 standard to 2008 web edition.
Thanks.
The only possible way to fix this was to remove the user completely and add it back. During the migration described above several user's permissions were affected, and the only way to fix was to re-create them from scratch - not elegant, but worked.
Solution - find the user, remove, add back.
Suppose you have a database project and you do NOT have "Always re-create database" checked off in your Database.sqldeployment settings. And suppose you deploy to a server that already has a database by the name of the one you are deploying.
Under what other circumstances will the database deploy generate a script with a "DROP DATABASE" statement?
If you don't ever, ever, ever want your database to be dropped by the deployment script generated by right clicking your database project and selecting "Deploy", what are some of the steps you can take to prevent this?
In addition to the "Always re-create database" NOT being checked off, you should also check the Development tab on your database project's Properties page. Make sure you define a target connection. When you don't define one the project will always and only deploy as-if the target database does not exist. This behavior is by design. see this link for more details.
My suggestion is to create the connection using Windows Authentication so each user would have access to the extend they are supposed to.
Also please note that you will have to do this for each Deployment Configuration (e.g. Debug, Release, etc.)
I personally set the deploy action to just create a script and run it manually to be on the safe side!
I have a database in a local file that is used by a program. The program has limited functionality and I needed to run some quick queries. I installed SQL Server Management Studio Express 2005 (SSMSE), connected to the SQL Server instance, attached the database file, and ran the queries. Now the original program will no longer connect to the database. I receive the error:
Cannot open user default database. Login failed. Login failed for user 'MyComputer\MyUserName'.
I've gone back into SSMSE and tried to set the default database. I've opened up Security, Logins, BUILTIN\Administrators and BUILTIN\Users. Under General, I have set the default database to the program's database. Under User Mappings, I made sure the database is ticked and that db_datareader and db_datawriter are ticked.
The program uses the connection string:
Server=(local)\Instance; AttachDbFilename=C:\PathToDatabase\Database.mdf; Integrated Security=True; User Instance=True;
I know jack-all about database administration. What else am I missing?
This may not be answering your question specifically, but it may help others with similar issue caused by different problem
In my case the problem was my user is defaulted to a database which is not accessible for any reason (can be renamed, removed, corrupted or ...)
To solve the issue just follow the following instruction
Try to login again on the login page there is other tabs select
"Connection Properties".
under the tab locate "Connect to database" and select an existing database you have access to like tempdb or master
Once you are connected to the SQL Server Instance execute the below TSQL to assign the login a new default database.
Use master
GO
ALTER LOGIN [yourloginname] WITH DEFAULT_DATABASE = TempDB
GO
Alternatively once you connected change your default database name to master via UI
Article taken from :
http://www.mytechmantra.com/LearnSQLServer/Fix-cannot-open-user-default-database-Login-failed-Login-failed-for-user-SQL-Server-Error/
This problem manifested for me when I took my default db offline. Next thing I know I couldn't login. Switching to the Connection Properties tab and selecting the drop down to change the database I want to connect to also failed.
It let me in right away once I manually typed master as the db I wanted to connect to (on the Connection Properties tab).
First, try to isolate your problem:
Take a backup of the file! Some of the steps below can, apparently, in some circumstances cause the file to vanish.
Are you sure you are connecting to the same instance through Management Studio as the program is?
If possible, try to shut down the instance that you are not expecting to use.
Set the user's default database to master and try to make the program logon.
Try to login as the user through Management Studio - since you have integrated security, you should open Management Studio as the program's user.
Are you using "User instances" - perhaps without knowing it? If so, this may be helpful: http://blogs.msdn.com/b/sqlexpress/archive/2006/11/22/connecting-to-sql-express-user-instances-in-management-studio.aspx
I haven't worked much with files being attached in the way your program does - but you write that you attached the DB in the Management Studio as well. Have you tried detaching it there before running your program? Perhaps you are seeing the Management Studio and your program competing for exclusive access to the MDF-file?
EDIT: I added point 6 above - this is new in my own list of TODOs when troubleshooting this type of Login failed. But it does sound a lot like what you're experiencing.
EDIT2: In the first edit, new item was added to the list. So the numbers in the comments doesn't correspond with the numbers in the answer.
I finally figured this out, and my situation is different than every other I've read about tonight.
I had restored my database from a backup. I knew that there was a particular login user that I had been using, so I created that user in SSMS. However, there was already a user by that name under the database that had come in with the backup.
Since I had screwed around so much trying to fix this, I wasn't able to delete the user under the DB easily. I deleted the database and restored again. Then:
Delete the user under the Databases->[my database]->Users
Create the user again in Security->Logins (not under your DB, although that probably works too.
Go to the newly created user. Select properties. Then under User Mappings, tell it to make your database the default. Give it read and write access.
Summary: I had two users. One that came with the DB, and one that I had created. Remove the one that came with the DB and create your own.
First click on Option>> Button of “Connect to Server” Prompt.
Now change the connect to database to any existing database on your server like master or msdb.
More Details
https://blog.sqlauthority.com/2008/11/04/sql-server-fix-error-4064-cannot-open-user-default-database-login-failed-login-failed-for-user/
I've also had this same problem, it turned out that I was trying to access the built in membership classes (in a view), and that .Net was trying to create the database in the App_Data folder:
#Membership.GetUser().ProviderUserKey
This will trigger the system to try and create a database based in the built in membership system, which may not be the way your system is setup.
I had a similar problem had to simply download SQL Express Utility that is capable of starting User Instances. SSEUtil is a tool written by the Visual Studio team to help troubleshoot User Instance issues, you can read more about it in the read me file that is installed with the utility.
http://www.microsoft.com/downloads/details.aspx?FamilyID=fa87e828-173f-472e-a85c-27ed01cf6b02&DisplayLang=en.
Hope this will help.
In my case I had to set "connect to any database" right path:
On your instance, go to Security , then to Logins.
Right Click on there, you will see properties and you should click on Securables.
There it give possibility to connect to any database.