I have a database created in SQL Server with the following configuration:
Also, I am trying to connect to the database named EDS.
For that I created the following details:
Should i have domain in the string or should it be in the username?
When i go to the database properties i see the owner has.
Also, is the url correct on the instance part according to the image? it looks like it is not able to go to that particular instance.
Also, this is the configuration for the connection (using Windows Authenticaton)
When I put in the username I am getting the following error log:
com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user '. ClientConnectionId:e812971f-b03c-4210-9dbd-de0791bcc304
When specifying the location of the SQL Server instance, one normally provides serverName\instanceName or serverName:portNumber, not both. That is, either
jdbc:sqlserver://INNOWAVE-99\SQLEXPRESS01;databaseName=EDS
or
jdbc:sqlserver://localhost:1433;databaseName=EDS
(assuming that the SQLEXPRESS01 instance has been explicitly configured to listen on port 1433, which is not usually the case for a SQL Express instance).
As mentioned in the documentation for Building the Connection URL
If both a portNumber and instanceName are used, the portNumber will take precedence and the instanceName will be ignored.
There is no domain= property defined for the connection URL for Microsoft's JDBC driver for SQL Server. Logging in to the SQL Server instance with Windows domain credentials is done implicitly using the integratedSecurity=true connection property (and not explicitly providing a username and password); details here.
I'm also having the same problem. Working for me too without port number.
Don't forget to give semicolon at the end of the connection.
Connect to the default database on the local computer by using integrated authentication:
jdbc:sqlserver://localhost;integratedSecurity=true;
Connect to a named database on a remote server:
jdbc:sqlserver://localhost;databaseName=AdventureWorks;integratedSecurity=true;
Connect on the default port to the remote server:
jdbc:sqlserver://localhost:1433;databaseName=AdventureWorks;integratedSecurity=true;
Connect by specifying a customized application name:
jdbc:sqlserver://localhost;databaseName=AdventureWorks;integratedSecurity=true;applicationName=MyApp;
Reference Link : mssql document
Related
I recently created a self-signed certificate and turned encryption on in SQL Server 2014:
The problem is that now the SQL Server service won't start:
This article from 2010 identifies the problem as a permissions issue: The SQL Server service does not have the necessary permission to read the SSL cert's private key.
The problem is that I am stuck on step 4 of the solution proposed in the article:
There is no group or user name matching the proposed format when I bring up the window shown in the article.
Is there another way I can determine the account that SQL Server service runs under, so that I can give it permissions to read the SSL cert?
An entirely different solution is welcome too.
If you specify the certificate, which should be used for TLS by SQL Server, then the SQL Server windows service have to read the certificate and the private key (the file from the folder %ProgramData%\Microsoft\Crypto\RSA\MachineKeys), which corresponds the certificate. The problem is: the SQL Server Configuration Manager in not comfortable and it makes not all the required work.
Thus first of all one should localize the Account used by SQL Server. One should start services.msc, find the account of SQL Server service. It's typically a build-in account like Local System, Network Service a local or domain account like .\SQLServer, DOMAIN\SQLServerAccount or an service account like NT Service\NT Service\MSSQL$SQL2012 on the picture below:
To grant permission on the private key to the account one can use Certificate Snap-In of mmc. One can start mmc.exe, choose "Add/Remove Snap-in" in the "File" menu, choose "Certificates" Snap-in and to choose "Computer account" of the Local computer. Then one should select the SSL certificate of Personal store and then use context menu "Manage Private Keys...".
and to add account like NT Service\NT Service\MSSQL$SQL2012, found above, and to set "Read" permission to the account on the private key:
If you would like to establish connection to the SQL server inside of the domain (both the client and the server have to belong to the same Active Directory or to the directories connected via the trust) then one should to create SPNs for the SQL server. If I correctly understand your requirements, you want to allow remove connection to SQL Server over HTTPS. One have to active mixed security to be able to connect to the server via SQL Server Authentication:
After creating SQL Login, making all above changed and restarting SQL Server service one will be able to establish TLS (encrypted) connection to the SQL server. In case of attempting to connect via Windows Account without creating SPN previously one get the error:
A connection was successfully established with the server, but then an
error occurred during the login process. (provider: SSL Provider,
error: 0 - The target principal name is incorrect.) (Microsoft SQL
Server, Error: -2146893022)
The target principal name is incorrect
If one forget to change Windows Authentication to Mixed authentication () then one will get the error like
Login failed for user 'OlegKi'. (Microsoft SQL Server, Error: 18456)
If all above steps done one can establish TLS connection using SQL Management Studio for example, but one still have to choose some options:
One should check "Encrypt connection"
and to set additional connection property TrustServerCertificate=true
Typically one use Encrypt=true;TrustServerCertificate=true; as the part of connection string in the application which establish the connection to SQL server. We set Encrypt=true property by the checkbox "Encrypt connection" describe above. More detailed about the meaning of the properties and different combinations of the options can be read in "Enabling Encryption" section of the MSDN article.
If one do all the above steps and check "Encrypt connection" without setting TrustServerCertificate=true property then one will get the error:
A connection was successfully established with the server, but then an
error occurred during the login process. (provider: SSL Provider,
error: 0 - The target principal name is incorrect.) (Microsoft SQL
Server, Error: -2146893022)
The target principal name is incorrect
which I already described above in a little another situation (connection with Windows account).
I described all above steps because configuration of TLS connection to the server is really not so easy and one can get strange errors, which direct description gives no direct tips how to fix the problem.
One other note: If you are entering the certificate thumbprint into the registry manually by copying and pasting from the certificate manager, you must remove the leading character. It is an invisible unicode character, but it will cause the SQL Server service to be unable to start if it is present. This is in addition to making it ALL CAPS, and removing all spaces.
I ran into this issue as well. What i was doing was:
Importing the certificate from the sql server protocol properties dialog, using the 'import' button. I imported the public key, then another open dialog opened to import the private keys. I then set the private key permission to the sql server service.
When importing a key pair directly, such as a .pfx bundle, the application crashed.
All permissions to MachineKeys were granted as well for the sql serive, but I could not find through process monitor any access denied for that path.
In order to solve my issue, i imported the pfx directly from the explorer. I first removed the key pair from the store, then I ran through the wizard to import the pfx in the local machine store, personal folder. I checked the permissions on the private key, they were still set for the sql service. I checked the protocol properties, the certificate was already selected. Only then the server started.
Since Sonarqube 5.2 is released, the jTDS JDBC driver is no longer supported. We used this driver to connect to our SQLServer instance, but we'll have to switch to the Microsoft SQLServer driver. We're running Sonarqube on Ubuntu and use an Active Directory account to connect to the SQLServer database. Because we're running on Ubuntu we can't use integrated security, so the credentials have to be supplied in the JDBC configuration for Sonarqube. This would result in the following properties:
sonar.jdbc.url=jdbc:sqlserver://sqlserverhost.my.domain.com:1433;databaseName=sonar;selectMethod=cursor
sonar.jdbc.username=someuser
sonar.jdbc.password=somepassword
This results in SQLServer in a "Login Failed" with the message "Could not find a login matching the name provided."
The next thing I tried was to connect with a username containing the domain, resulting in these properties:
sonar.jdbc.url=jdbc:sqlserver://sqlserverhost.my.domain.com:1433;databaseName=sonar;selectMethod=cursor
sonar.jdbc.username=DOMAIN\\someuser
sonar.jdbc.password=somepassword
This however also results in a "Login Failed" in SQLServer, the message here is "Attempting to use an NT account name with SQL Server Authentication."
What am I missing?
UPDATE:
The Sonarqube log can be found here: http://pastebin.com/AGB9bTQG
I can think of one thing which is different from the jTDS connection url:
the jTDS connection url contained ";domain=my.domain.com", which the Microsoft SQLServer driver doesn't seem to support. Therefore I tried the DOMAIN\someuser setup which SQLServer refused.
The driver is completely different from the jtds driver. In order to use it, you'll need to specify the authenticationScheme=JavaKerberos parameter (please refer to https://msdn.microsoft.com/en-us/library/gg558122(v=sql.110).aspx and http://blogs.msdn.com/b/psssql/archive/2015/01/09/jdbc-this-driver-is-not-configured-for-integrated-authentication.aspx)
The problem here is that your Linux machine is most likely not in the same domain, so you'll need to configure kerberos on your Linux machine too. Your best bet would really be mixed mode.
The connection string format has changed. No more :1443 or selectMethod
sonar.jdbc.url=jdbc:sqlserver://sqlserverhost.my.domain.com;databaseName=sonar
The connection string setting needs to be in the format:
sonar.jbc.url=jdbc:sqlserver://{server}:{port #};databaseName={db name}
e.g.
sonar.jbc.url=jdbc:sqlserver://localhost:36549;databaseName=Sonar
Check in SQL Server Configuration Manager that TCP/IP protocol is enabled and to find the port number for the SQL instance you want to connect to. Note that the database name in the connection string is case sensitive and must match what appears in SSMS.
Re: Windows Auth to SQL Server - you need to either use a SQL Server Auth user, or comment out sonar.jdbc.username and sonar.jdbc.password so that the SonarQube makes the connection under the credentials of the user running the SonarQube service; I don't think it supports impersonation.
Our solution was to have a SQL Server account created with permission to the database and use that instead of using the AD/Windows account.
I'm trying to set up TeamCity 9 locally to a local SQL Server Instance and getting the following error.
The connection to the host localhost, named instance (localdb)\v11.0 failed. Error: "java.net.SocketTimeoutException:
Receive timed out". Verify the server and instance names and check
that no firewall is blocking UDP traffic to port 1434. For SQL
Server 2005 or later, verify that the SQL Server Browser Service is
running on the host.
SQL exception: The connection to the host localhost, named instance (localdb)\v11.0 failed. Error:
"java.net.SocketTimeoutException: Receive timed out". Verify the
server and instance names and check that no firewall is blocking UDP
traffic to port 1434. For SQL Server 2005 or later, verify that the
SQL Server Browser Service is running on the host.
I've tested the connection via SSMS and the credentials I'm supplying the TC web set up are the same. The login has rights to the table.
Using sqljdbc41.jar
It has to be something simple.
Thanks!
It is difficult to know what might be the issue with your environment but I can tell you what worked for me. The key item was to use the JTDS JDBC driver rather than the Microsoft JDBC driver.
Download the latest driver from http://jtds.sourceforge.net/
Unpack the downloaded zip file into the %TEAMCITY_DATA_PATH%/config folder
If you are using NTLM (i.e. Windows) authentication to connect to your database then specify the following for the database.properties file:
# Database: Microsoft SQL server (via jtds driver)
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity
#connectionProperties.user=
#connectionProperties.password=
NOTE: This requires the TeamCity windows service to run under the credentials of the account that is the owner of the database. In addition, the ntlmauth.dll file needs to be copied from the JTDS zip file\x86\SSO folder to the TeamCityHome\bin folder as well.
If you are using SQL authentication to connect to your database then specify the following for the database.properties file:
# Database: Microsoft SQL server (via jtds driver)
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity
connectionProperties.user=<SQL Login Name>
connectionProperties.password=<SQL Login Password>
Because the JTDS driver does not have a default port to use, you must
specify a port in the value supplied for the connectionUrl.
If you use named instance you can specify the instance name by
following means:
For example if the instance name is sqlexpress then either add the
instance property into the connection URL, like the following:
connectionUrl=jdbc:jtds:sqlserver://localhost:1433/TeamCity;instance=sqlexpress
Or, specify corresponding property in the database.properties file:
connectionProperties.instance=sqlexpress
See also: http://confluence.jetbrains.com/display/TCD9/Setting+up+an+External+Database
I am trying to configure SQL Server to allow LAN connection but I do not seem to have any luck.
I am using the default server name and have created a new SQL Server user with a username and password.
I have also enabled Named Pipes and TCP\IP from SQL Server Configuration Manager and then reset the server.
I have tested the user on the local computer witch will act as the server
It seems that the client PC throws this error:
I usually get this error when I type the wrong server name this leads me to believe that I might need to add some additional configuration.
Can anyone point me the right direction on what I have to do next?
I'm trying to connect to a SQL Server database at Discount asp.net hosting with SQL Server Management Studio. Here`s the connection string that is working fine. What parts of it should I use in Management Studio to connect to remote Db?
Data Source=tcp:sql2k803.discountasp.net;Initial Catalog=SQL2008_709539;
User ID=SQL2008_709539_user;Password=password;
I'm filling the fields in the following way:
Server name: tcp:sql2k803.discountasp.net
login: SQL2008_709539_user
password: password
authentication type is SQL Server.
If it returns "Login failed" then you are getting to SQL Server but SQL Server is rejecting you (so it won't involve firewall, DNS, etc). Did you try explicitly setting the database information in the Connection dialog in SSMS? You may have to follow up with the host and ask them what state was found in the SQL Server log to go along with your failed attempt to log in. This is often because the database wasn't specified or the wrong database was specified.
Here is a list of all the states I've observed and what they probably mean, if your host won't directly tell you what to fix but they do tell you what state was found in SQL Server's log:
Troubleshooting Error 18456
Database: SQL2008_709539
Login: SQL2008_709539_user
Password: password
Host: sql2k803.discountasp.net
Please note also:
Some hosting companies denies access by default so you may have to request access from your IP address
Sometime I was unable to connect using host name, I used IP address to connect via Management Studio (such problem appear due firewall, proxy, etc)
ADDED:
Also see whether you've enabled remote tcp/ip connections
If it's working fine, use tcp:sql2k803.discountasp.net as server address, and user / pass as login data