we launched new SQL Server on AWS. Everything looks great, I can access the server via SSMS. However, I can't set up new credentials for one specific database.
This database should be accessible via MS Access. It works in MS Access, when admin login and password, but I would like to give the users access only to the specific database.
I read this article and I guess I should created SQL user with password:
https://learn.microsoft.com/en-us/sql/relational-databases/security/authentication-access/create-a-database-user?view=sql-server-2017
Unfortunately, I do not see this option in SSMS.
Don't you have any idea please, why it is so?
So my comprehensive requirement:
1. I need to set up password protected database.
2. This database will serve linked tables for MS Access.
Thank you very much for help,
Vaclav
I have already found a solution. My login didn't have an appropriate server rights. To create a new user and define his permissions you have to "Server role" - securityadmin assigned to your login.
It is described here:
https://learn.microsoft.com/en-us/sql/relational-databases/security/authentication-access/server-level-roles?view=sql-server-2017
Best regards,
Vaclav
Related
Using the example below, which is in my App.Config file, are the uid and password values for the SQL Server, or the SQL Server instance, or for the database that is on the SQL Server?
value="server=localhost;database=myDb;uid=myUser;password=myPass;"
Thanks,
ADawn
Sql Server separates the concept of a login from a user. A server instance itself has logins. Individual databases hosted on a server instance have users.
When you want to run a query or otherwise interact with a database, you generally first connect to the server. You supply a username (uid) and password that match a server login. This login in turn maps to a user in one (or more!) databases hosted by that server.
You can see the user mappings by opening Sql Server Management Studio and connecting to your server. In the Object Explorer area expand the Security and then Login folders (just under "Databases"). Double-click a login to open it's Properties window, and find the User Mappings section.
The connection string also includes a database. The purpose here is (again) because a login might map to more than one database. Specifying a database as part of the connection provides context, so you don't need a database name with every table reference in your SQL code.
There's also Windows/Active Directory authentication (Integrated Security). This makes things even messier, because you can set up Active Directory groups (in addition to users) as server logins to manage access for a number of people at once. An Active Directory user can belong to more than one of these groups... and thus map to more than one user in a single database. In my experience, when this happens you tend to get the union of the set of permissions from every database user you could claim, but I haven't studied that situation thoroughly.
server=localhost;
This is the location of the server. You can use the IP address or the name of the computer. Localhost means this code is on the same machine as the SQL server
database=myDb;
This is your database. Such as master (which is a system one)
uid=myUser;
This is a login on the SQL server. Make sure that login has permissions to the database you are trying to access (and subsequent tables). See the picture below, that is a login abc_test.
password=myPass;
The password for the above user
It is possible to have those Logins as Windows Authenticated logins but in my experience in code it's usually SQL Server authentication (mixed mode) logins.
As sniperd said You can create a new login with a new username and password by right clicking on Logins. Or you can use an existing Login name and change its password. Hope this gonna work!
I am using Access as a front end database to connect to SQL Server data. On my computer, it works just fine. On a user computer, it doesn't work. Has anyone successfully done this without creating a DSN on each computer?
Thanks,
Jeff
You will need to make sure what ever user is trying to connect to the DB has rights in SQL Server to view it. Access won't just remove the security needed to view it. You could create a DB role then put everyone needing to get into that DB into the role and grant that role access. You could also get an AD group created for anyone that needs to view the table and get people added to that group then grant that group access.
You can connect using an ODBC connection with saved credentials to trick the sql server into thinking the user is someone else. However, i would only do this and provide read only access. Then, you can revoke access to that username whenever and the whole system stops. Easy to do., just build an ODBC connection and save the username and password in it.
i have a website hosted on GoDaddy and I need to create a database for it. So headed to the Databases section and created a MS SQL Database then on my local pc I tried to access the database via SQL Server Management studio, I was able to login to the database but I cannot make any operations. I get it does not exist or you do not have permission. So deciced to go the Security tab, then Login and tried to change my username that I'm using to systemadmin role but I also got Cannot alter the server role 'sysadmin', because it does not exist or you do not have permission. What could be the problem? There are no other accounts on it. The default sa account is disbaled and I can't enable it coz it will prompt no permissions etc.
I don't understand it. Why GoDaddy allows me to create a database but with no permissions or rather I cannot alter it. Anyone facing the same issue? Thanks
Well it's quite clear. You cannot set yourself as an SA. This would be a great security breach!
You need to add a Login in your database for your account. I think you headed to the server logins. The server login seem to be ok, as you already said. You can connect to the server itself. You need to add a login or a loginmapping to your server login inside your database.
I don't know the backend of goDaddy, but I'm pretty sure that you have some credentials provided after creating your database.
I'm not very knowledgeable of ASP.NET or MS SQL at all, but was asked to migrate a website based on ASP.NET to a new host. I am moving the site to a HostGator Windows Shared account.
There is a small admin section of the site that has a MS SQL database behind it. I obtained a copy of this database in a .bak file from the previous host.
I was a able to create a MS SQL database in HostGator and import the backup file into it. The database came with a user that was being used to connect to the database from the website.
Although before being able to connect to the DB with this user, HostGator forced me change it's username to conform to their format of "HostGatorUserName_UserName".
Then after successfully connecting to the DB with this user, I got the "Cannot find stored procedure" error. I found out this is probably due to the user not having permission to access any of the stored procedures it did before. I believe this is probably due to the username having been changed.
Now I have no idea how to restore permissions to these stored procedures to the user. HostGator does not provide any web admin for MS SQL although I was able to connect to the database (with the same user) with Oracle SQL Developer (I'm on a Mac). I've googled how to grant permissions to a stored procedure to a user, but of course I cannot grant permissions to myself. I can't find anywhere in Plesk on HostGator where I can manage permissions for existing users or ones I create.
If this is the only login HostGator has provided you, then they need to elevate the rights (probably by adding the user to the dbo role). This may not be what you want, but it's not clear to me what was in place before this database got restored. Did you have a login to the server that could access other databases?
If they also gave you a different login to connect with, that login is probably in the dbo role. So you can login as that user and then:
GRANT EXEC ON dbo.procedure_name TO HostGatorUserName_UserName;
(Sorry but I don't know anything about Plesk. And you'll probably get better answers if you talk to HostGator support to get your access rights straightened out.)
very basic question. sql server 2008, created new login and gave it sql authentication mode. checked status is enabled. Tried to connect to same server instance, login failed. What is going wrong? thanks for help in advance
Did you give that new login any access to any of the databases??
Just the login alone is not worth much and it's only half the story. That user can log in to SQL Server - big deal. You will also need to create users in database based on that login! Or check some boxes in the Login's "User Mappings" page to give it access to specific databases.