We're running jprofiler (version 9) using floating licenses (ejtserver).
Currently each developer has to configure the licence server connection with the licence username.
Is there a way preconfiguring jprofiler to use a specific license server with the system login username as licence username?
You can pass the arguments
-Vjprofiler.licenseKey=FLOAT:[server name or IP address] -Vjprofiler.licenseName=[user name]
to the installer to configure the floating license server during an unattended installation.
If you are not running an installer, you can copy the file $HOME/.jprofiler9/config.xml or %USERPROFILE%\.jprofiler9\config.xml after you have configured JProfiler and copy it to $JPROFILER_HOME/config/config_template.xml. Then any new user who starts the JProfiler executable starts with this configuration.
As of 9.2 this it is not possible to automatically use the login name. In 10.0 you will be able to leave the user name empty and the login name will be used.
Related
How can we pass encrypted password in SQL connection string on PowerShell?
Unable to connect SQL server with NT AUTHORITY\ SYSTEM account. What teps need to be taken to connect to SQL Server with NT Authority\System account?
As checked, I installed PSTools and extract all files in specific location and ran cmd.
With below cmd
psexec -i -s ssms.exe
After running the above cmd, I got :
couldn't install
Access denied
You dont say much about the client and what you are supposed to achieve. The part about psexec is quite hard for me to understand.
You can use credentials in two ways from local network, sql login and windows login. I assume you are attemting to use windows login.
If you, from a windows computer, run a console app or desktop app, you will connect as the user who started the app. In normal terms, you.
Since you get "NT AUTHORITY\SYSTEM", I guess you want to try as similar as possible like a Windows Service. My recommendation is to start the service as a named user "AD\MyServiceAccount". You give access to this user in SQL server.
I recommend you to read about the differences of:
NT AUTHORITY\System
NT AUTHORITY\NetworkService
AD Account
If you are not trying to debug/build a service, but just want to get some sql server data in an desktop application. Use regular tools and your personal account. If not, sql login.
If you want to use the Computer Account, you should use add AD\$ComputerAccount to ACL list on SQLserver.
Note: AD being the name of your Active Directory.
I have an installer that's running the SQL Server 2014 Express installer in unattended mode.
Basically, it's creating a command-line and running the setup.
My problem is that I need to be able to connect to the installed instance as admin using SQL Server authentication.
The command-line already contains /SECURITY MODE=SQL. I can create a SQL login and login successfully, so that part of the problem works fine.
My problem is that while I can see sa in sys.server_principals, it's flagged as is_disabled, and I can't login using it.
Is there a way, when running the SQL Server 2014 install unattended, to pass command line arguments that will have it enable sa so I can successfully login using it?
Or some other login, if that's easier.
What I need is a sql_login that I can use to connect to the database as an db administrator without regard for the permissions of the logged-in windows user, after having run the installer in unattended mode.
The full commandline args:
/QS /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQL
/INSTANCENAME=SQLEXPRESS /SAPWD="SQLSVCPASSWORD"
If I login to Windows using an admin account, I can connect to the database using Windows authentication. I can then create a normal SQL Server login. With that, I can then login using SQL Server authentication and that account.
So I'm certain the DB is in mixed mode. And this:
Exec xp_instance_regread N'HKEY_LOCAL_MACHINE', N'Software\Microsoft\MSSQLServer\MSSQLServer', N'LoginMode'
returns '2'.
My problem is that I need the users to be able to run the software without being a windows admin. And part of what the software needs to be able to do is to drop and create databases, within the instance.
So I need SQL admin permissions, without depending upon the windows user having elevated permissions.
===
The setup tool I'm using is configured using XML files that contain, in them, LUA scripts that build and run the Windows Installer package command lines. Between the nested languages and various levels of escaping, I'd not noticed that the "/SECURITYMODE=SQL" argument was commented out, and not included in the command line.
With it included in the command line, the "sa" user is enabled.
TL;RD If you want the "sa" user enabled, after an install, include "/SECURITYMODE=SQL" on the command line.
You need to specify /SAPWD as well when using /SECURITYMODE=SQL. I am not sure, but if you do not specify the password, it will be disabled by default.
Have a look at this article https://learn.microsoft.com/en-us/sql/database-engine/install-windows/install-sql-server-from-the-command-prompt?view=sql-server-2017 for more information.
I would like to connect to the company's SQL Server 2014, where I am working at, with my computer using windows authentication. I need this to deploy from my machine SSIS packages, without having to access remotely our server's machine.
I have been trying to add a login with my computer name plus my user as MY_COMPUTER\USER, but I keep getting an error, which tells me the it wasn't able to find the domain of my computer.
So, how can I connect my computer to our SQL Server using a windows authentication?
CREATE LOGIN [DomainName\Username] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english]
Your local computer name isn't part of this at all. DomainName is the name of the windows network domain name that your SQL server would be joined to in this case. If your SQL server is not joined to a domain then that is a different scenario and I can't test but I would think you would use the computer name of the SQL Server in place of domain name and then the name of the local user....
Anyway, do you know your Domain Name?
DomainName\Username
If not joined to a domain try
SqlServerComputername\Username
We have a windows network domain joined with our SQL Server. I had already created a user for my computer on our windows network, but I wasn't logging in using the new user.
I have requested my system administrator to install sql server 2008 r2 in my system
During the installation the system admin added myDomain\MyUsername as a use of the database.
But he has given me only “public” server role to myDomain\MyUsername .
So I am not able to create a database.
He also don’t know what password he given for “sa” user during installation.
At present I don’t have admin access in my machine (operating system:windows7).
My question is
“if I have admin right on my opearating system, will 'myDomain\MyUsername' have full privileges on the sql server?”
I recently installed Microsoft SQL Server 2012 on a fresh Windows 7 installation, but whenever I want to run the server, I get the following error:
Error 1069: The service did not start due to a logon failure.
The following user is configured to start the service: NT Service\MSSQL$SQLEXPRESS
How can I fix this problem?
The answer to this may be identical to the problem with full blown SQL Server (NTService\MSSQLSERVER) and this is to reset the password. The ironic thing is, there is no password.
Steps are:
Right click on the Service in the Services mmc
Click Properties
Click on the Log On tab
The password fields will appear to have entries in them...
Blank out both Password fields
Click "OK"
This should re-grant access to the service and it should start up again. Weird?
NOTE: if the problem comes back after a few hours or days, then you probably have a group policy which is overriding your settings and it's coming and taking the right away again.
This happened to me. A policy on the domain was taking away the SQL Server user account's "Log on as a service" rights. You can work around this using JLo's solution, but does not address the group policy problem specifically and it will return next time the group policies are refreshed on the machine.
The specific policy causing the issue for me was:
Under, Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignments: Log on as a service
You can see which policies are being applied to your machine by running the command "rsop" from the command line. Follow the path to the policy listed above and you will see its current value as well as which GPO set the value.
While ("run as SYSTEM") works, people should be advised this means going from a minimum-permissions type account to an account which has all permissions in the world. Which is very much not a recommended setup best practices or security-wise.
If you know what you are doing and know your SQL Server will always be run in an isolated environment (i.e. not on hotel or airport wifi) it's probably fine, but this creates a very real attack vector which can completely compromise a machine if on open internets.
This seems to be an error on Microsoft's part and people should be aware of the implications of the workaround posted.
Short answer:
install Remote Server Administration tools on your SQL Server (it's an optional feature of Windows Server), reboot, then run SQL Server configuration manager, access the service settings for each of the services whose logon account starts with "NT Service...", clear out the password fields and restart the service. Under the covers, SQL Server Config manager will assign these virtual accounts the Log On as a Service right, and you'll be on your way.
tl;dr;
There is a catch-22 between default settings for a windows domain and default install of SQL Server 2012.
As mentioned above, default Windows domain setup will indeed prevent you from defining the "log on as a service" right via Group Policy Edit at the local machine (via GUI at least; if you install Powershell ActiveDirectory module (via Remote Server Administration tools download) you can do it by scripting.
And, by default, SQL Server 2012 setup runs services in "virtual accounts" (NT Service\ prefix, e.g, NT Service\MSSQLServer. These are like local machine accounts, not domain accounts, but you still can't assign them log on as service rights if your server is joined to a domain. SQL Server setup attempts to assign the right at install, and the SQL Server Config Management tool likewise attempts to assign the right when you change logon account.
And the beautiful catch-22 is this: SQL Server tools depend on (some component of) RSAT to assign the logon as service right. If you don't happen to have RSAT installed on your member server, SQL Server Config Manager fails silently trying to apply the setting (despite all the gaudy pre-installation verification it runs) and you end up with services that won't start.
The one hint of this requirement that I was able to find in the blizzard of SQL Server and Virtual Account doc was this: https://msdn.microsoft.com/en-us/library/ms143504.aspx#New_Accounts, search for RSAT.
I had a similar issue that was resolved with the following:
In Services.MSC click on the Log On tab and add the user with minimum privileges and password (on the service that is throwing the login error)
By Starting Sql Server to run as Administrator
If the user is a domain user use Domain username and password
One possibility is when installed sql server data tools Bi,
while sql server was already set up.
Solution:-
1.Just Repair the sql server with the set up instance
if solution does not work ,
than its worth your time meddling with services.msc
I don't know how good of a solution this is it, but after following some of the other answer to this question without success, i resolved setting the connection user of the service MSSQLSERVER to "Local Service".
N.B: i'm using SQL Server 2017.