what I am trying to do is creating a report about failed subscriptions in MS SQL Server Report Server (SSRS). What I have done so far is the following SQL statement:
USE ReportServer
GO
WITH SubscriptionsCTE AS
(
SELECT
c.[Name],
c.[Path],
s.[Description],
s.LastStatus,
s.LastRunTime,
CONVERT(xml, s.ExtensionSettings) AS ExtensionSettings,
s.DeliveryExtension
FROM
dbo.Subscriptions s
INNER JOIN dbo.[Catalog] c ON c.ItemID = s.Report_OID
WHERE
s.LastStatus LIKE 'Failure%'
)
SELECT
[Name],
[Path],
[Description],
LastStatus,
LastRuntime,
CASE
WHEN DeliveryExtension = 'Report Server FileShare' THEN (SELECT e.c.value('(Value/text())[1]', 'nvarchar(max)') FROM ExtensionSettings.nodes('ParameterValues/ParameterValue') e(c) WHERE e.c.value('(Name/text())[1]', 'nvarchar(max)') = 'USERNAME')
WHEN DeliveryExtension = 'Report Server Email' THEN (SELECT e.c.value('(Value/text())[1]', 'nvarchar(max)') FROM ExtensionSettings.nodes('ParameterValues/ParameterValue') e(c) WHERE e.c.value('(Name/text())[1]', 'nvarchar(max)') = 'TO')
ELSE NULL
END AS Subscriber
FROM
SubscriptionsCTE
The problem is that the field Subscriber is encrypted for FileShare subscriptions. I understand that it is for the password... but for the user name? As an administrator I have access to the subscriptions via the GUI, but it is a pain to look into every report's admin panel to find out the user name.
I did something like
CASE WHEN Subscriber = '(some encrypted string)' THEN 'User 1'
WHEN Subscriber = '(some other encrypted string)' THEN 'User 2'
(etc.)
ELSE NULL
END AS Subscriber
But obviously, it is not encrypted in the same way in every record, so 'User 1' has a different encrypted string in every subscription.
Is there any way to decrypt these strings? I have the .snk file from the Report Server certificates backup (and know the password for it). Does this help?
Thanks for helping...
Best wishes
Michael
Related
my MSSQL DB creates every second two SQL Server Profil - tace data file:
Screenshot
How can I stop that, because we don't want to tracing something and it files my memory?
My SELECT * FROM sys.traces is empty.
If I execute SELECT * FROM sys.server_event_sessions, the result looks like the following Screenshot:
Additionally, I execute the following command:
SELECT s.name, CAST(st.target_data AS XML).value('(/EventFileTarget/File/#name)[1]', 'NVARCHAR(100)')
FROM sys.dm_xe_sessions s
INNER JOIN sys.dm_xe_session_targets st ON s.address = st.event_session_address
WHERE target_name = 'event_file
The result looks like this:
Next, I open the system_health-file and get this displayed:
The hkenginexesession-file is empty.
Do you have enough permission to see trace list?
The visibility of the metadata in catalog views is limited to securable that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.
If the list is still empty with sysadmin premission then check if these files are created by Extended events:
USING SSMS:
Server > Management > Session
USING TSQL
SELECT s.name, CAST(st.target_data AS X`enter code here`ML).value('(/EventFileTarget/File/#name)[1]', 'NVARCHAR(100)')
FROM sys.dm_xe_sessions s
INNER JOIN sys.dm_xe_session_targets st ON s.address = st.event_session_address
WHERE target_name = 'event_file'
The above query return session name and filename of outputs.
I am using Azure Managed Instance for some migration tasks. I have multiple databases in that all are working fine.
But when I try to open the properties for a database named GCDCalculation, I am getting the following error:-
And the whole error is:-
Cannot show requested dialog.
===================================
Cannot show requested dialog. (SqlMgmt)
------------------------------
Program Location:
at Microsoft.SqlServer.Management.SqlMgmt.DefaultLaunchFormHostedControlAllocator.AllocateDialog(XmlDocument initializationXml, IServiceProvider dialogServiceProvider, CDataContainer dc)
at Microsoft.SqlServer.Management.SqlMgmt.DefaultLaunchFormHostedControlAllocator.Microsoft.SqlServer.Management.SqlMgmt.ILaunchFormHostedControlAllocator.CreateDialog(XmlDocument initializationXml, IServiceProvider dialogServiceProvider)
at Microsoft.SqlServer.Management.SqlMgmt.LaunchForm.InitializeForm(XmlDocument doc, IServiceProvider provider, ISqlControlCollection control)
at Microsoft.SqlServer.Management.SqlMgmt.LaunchForm..ctor(XmlDocument doc, IServiceProvider provider)
at Microsoft.SqlServer.Management.UI.VSIntegration.ObjectExplorer.ToolMenuItemHelper.OnCreateAndShowForm(IServiceProvider sp, XmlDocument doc)
at Microsoft.SqlServer.Management.SqlMgmt.RunningFormsTable.RunningFormsTableImpl.ThreadStarter.StartThread()
===================================
Subquery returned more than 1 value. This is not permitted when the subquery follows =, !=, <, <= , >, >= or when the subquery is used as an expression. (.Net SqlClient Data Provider)
------------------------------
For help, click: https://learn.microsoft.com/sql/relational-databases/errors-events/mssqlserver-512-database-engine-error
------------------------------
Server Name: my-project-database.database.windows.net, 3342
Error Number: 512
Severity: 16
State: 1
Line Number: 7
------------------------------
Program Location:
at Microsoft.SqlServer.Management.SqlManagerUI.DBPropGeneralData.InitProp()
at Microsoft.SqlServer.Management.SqlManagerUI.DBPropGeneralData..ctor(CDataContainer context)
at Microsoft.SqlServer.Management.SqlManagerUI.DBPropGeneral..ctor(CDataContainer dataContainer, DatabasePrototype prototype)
at Microsoft.SqlServer.Management.SqlManagerUI.DBPropSheet.Init(CDataContainer dataContainer)
at Microsoft.SqlServer.Management.SqlManagerUI.DBPropSheet..ctor(CDataContainer context)
All other Databases are working fine.
Added to this, I want to know that, is there specific query is triggered in the backend when we try to open the properties tab (Or any other tab).
Finally, one I can answer. Kollira is on the right track with this, the reason you get the error is that backupset contains records linking more than one database to the same ID. This happens because the DB was probably brought into SQL MI via the migration tool which creates the backupset with a GUID instead of the database name. When you do your own copy-only backup to URL, it creates a new backupset with the real name. This is not an optimised query to prove it but here goes.
select db_id(database_name),database_name, [type], max(backup_finish_date) as latest from msdb..backupset where ([type] = 'D' or [type] = 'L' or [type]='I') and db_id(database_name) = (select database_id from sys.databases where name = 'Your_Database') group by database_name, [type]
Then we can see there is more than one DB listed, you can probably see the wrong one as it was created just when you backed up. So with this list of probably 2 DBs
Select * from msdb..backupset where database_name in('DB1', 'DB2')
We can see conflicting backupsets. In my case the one with the real name was actually the new one that I wanted to remove, the other was a GUID I assume from my migration. So I just deleted the backupset as there were no backups associated. So simply:
Delete from msdb.dbo.backupset where database_name = 'TheDatabaseName'
Boom, now properties rendered, and the original backup chain was still correct.
I am not a SQL pro, so use at your own risk. Also, since this is no longer a Managed instance unique problem, maybe a SQL pro can advise a better solution.
The problem is with backups. Run this query and update the database name to the one which is latest.
create table #tempbackup (database_name nvarchar(128), [type] char(1), backup_finish_date datetime)
insert into #tempbackup
select database_name, [type], max(backup_finish_date) from msdb..backupset where [type] = 'D' or [type] = 'L' or [type]='I' group by database_name, [type]
SELECT
(select backup_finish_date from #tempbackup where type = 'D' and db_id(database_name) = dtb.database_id)
AS [LastBackupDate]
FROM
master.sys.databases AS dtb
WHERE
(dtb.name='Your Database Name')
drop table #tempbackup
I'd like to know who (Service account, user account ,etc ) ran each query_id that Query_Store records. Is there a way to do this? I've looked all over and can't seem to find anything.
Basically I'd like the data from this to be stored as well. Hostname, and Login Name are very useful to me.
SELECT sdest.DatabaseName
,sdes.session_id
,sdes.[host_name]
,sdes.[program_name]
,sdes.client_interface_name
,sdes.login_name
,sdes.login_time
,sdes.nt_domain
,sdes.nt_user_name
,sdec.client_net_address
,sdec.local_net_address
,sdest.ObjName
,sdest.Query
FROM sys.dm_exec_sessions AS sdes
INNER JOIN sys.dm_exec_connections AS sdec ON sdec.session_id = sdes.session_id
CROSS APPLY (
SELECT db_name(dbid) AS DatabaseName
,object_id(objectid) AS ObjName
,ISNULL((
SELECT TEXT AS [processing-instruction(definition)]
FROM sys.dm_exec_sql_text(sdec.most_recent_sql_handle)
FOR XML PATH('')
,TYPE
), '') AS Query
FROM sys.dm_exec_sql_text(sdec.most_recent_sql_handle)
) sdest
where sdes.session_id <> ##SPID
--and sdes.nt_user_name = '' -- Put the username here !
ORDER BY sdec.session_id
Credit: Execution datetime for SQL queries against SQL Server
There's no DMV that records which sessions ran which queries. To gather that information you must use an Extended Events trace, or a Database Audit.
Using SQL Server 2016, I am trying to configure a user other than 'SA' to import a file. The code I am executing is as follows:
EXECUTE AS USER = 'DataImports';
SELECT CURRENT_USER;
EXEC xp_cmdshell 'TYPE myFileNameHere.txt'
BULK INSERT DataImports.staging_AddressBook
FROM 'myFileNameHere.txt'
WITH (DATAFILETYPE = 'char'
, FIRSTROW = 2
, FIELDTERMINATOR = ' '
, ROWTERMINATOR = '\n');
The error that I get is:
Msg 4834, Level 16, State 1, Line 20
You do not have permission to use the bulk load statement.
I have validated the following:
I do have access to the file as the user required - The cmdshell TYPE returns the rows expected. I do not appear to have a file access issue.
I have INSERT permission on the database in general.
I tested by using:
SELECT
[DatabaseUserName] = princ.[name],
[PermissionType] = perm.[permission_name],
[PermissionState] = perm.[state_desc]
FROM
sys.database_principals princ
LEFT JOIN
sys.database_permissions perm ON perm.[grantee_principal_id] = princ.[principal_id]
WHERE
princ.[name] = 'DataImports';`
I do have the bulk admin role
SELECT
r.name AS [RoleName],
m.name AS [MemberName],
CASE
WHEN m.name IS NOT NULL THEN 1 ELSE 0
END AS IsMember
FROM
sys.server_principals r
LEFT JOIN
sys.server_role_members rm ON (r.principal_id = rm.role_principal_id)
LEFT JOIN
sys.server_principals m ON (rm.member_principal_id = m.principal_id)
WHERE
r.type = 'R' AND m.name = 'Dataimports';
I have even configured the user to be a sys-admin (not part of the long term plan) but I'm still getting the error.
These are the main points that have been highlighted in the other SO tickets and general searches I have performed. I can import the table as SA but not as DataImports despite what appears to be correct configuration.
This is part of a job that is being run and currently we are having to give SA access just to read a file. Security wise this is less than ideal but I cannot work out what is missing.
Any suggestions of what else to check would be gratefully received - all the basics seem to be in place.
Any suggestions
of what else to check would be gratefully received - all the basics
seem to be in place.
Few things:
GRANT ADMINISTER BULK OPERATIONS TO Dataimports
If the destination table contains triggers or checks constraints
GRANT ALTER ON TABLE DataImports.staging_AddressBook TO Dataimports
And
ALTER DATABASE [yourDB] SET TRUSTWORTHY ON;
Because of:
For security considerations, the server-scoped permissions are
stripped down when you impersonate a database user unless the system
administrator has explicitly set SQL Server to trust the impersonated
context at the server-scope. In this case, a login with the control
server server-scoped permission has no permissions to access any
particular database. Therefore, the trigger module that is executed as
this login cannot run.
I am executing a SQL script in SQL Server Management Studio 2018. In my script I need to specify a user (including the domain - unsure if I need the server name).
So I have created a user sam, set the user type to SQL user without login and set the users role to db_datareader and db_datawriter.
I then execute my script but it gives me the error: User or role 'MHT.sam' does not exist in this database.
But I am almost certain I have added this user to the database (see my images below to double check). Is my user and domain name format correct? What do you think I am doing wrong?
Here's my domain and server:
The error is pretty obvious.
In your screen shot in the object explorer you have a user called SAM, but for sp_AddRoleMember you are using MHT.SAM user.
Your sp_addrolemember should also have only Sam something like...
Exec sp_addrolemember N'RunStoredProc' , N'Sam'
GO
Also to double check what your user type is what login it is mapped to and what really is going on, use the following query.
SELECT
d.name AS User_Name
, d.type_desc AS User_Type
, d.default_schema_name AS User_default_schema_name
, d.create_date AS User_Created_Date
, s.name AS Login_name
, s.type_desc AS Login_LoginType
, s.is_disabled AS Login_is_disabled
, s.create_date AS Login_create_date
, s.default_database_name AS Login_default_database_name
, s.default_language_name AS Login_default_language_name
FROM sys.server_principals s
INNER JOIN sys.database_principals d on s.sid = d.sid
WHERE d.name = 'Sam'