I would like to connect to the company's SQL Server 2014, where I am working at, with my computer using windows authentication. I need this to deploy from my machine SSIS packages, without having to access remotely our server's machine.
I have been trying to add a login with my computer name plus my user as MY_COMPUTER\USER, but I keep getting an error, which tells me the it wasn't able to find the domain of my computer.
So, how can I connect my computer to our SQL Server using a windows authentication?
CREATE LOGIN [DomainName\Username] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english]
Your local computer name isn't part of this at all. DomainName is the name of the windows network domain name that your SQL server would be joined to in this case. If your SQL server is not joined to a domain then that is a different scenario and I can't test but I would think you would use the computer name of the SQL Server in place of domain name and then the name of the local user....
Anyway, do you know your Domain Name?
DomainName\Username
If not joined to a domain try
SqlServerComputername\Username
We have a windows network domain joined with our SQL Server. I had already created a user for my computer on our windows network, but I wasn't logging in using the new user.
Related
I have a Microsoft Access Application which generates a connection string like:
Provider=SQLNCLI11;Server=servername;Database=db_name;Trusted_Connection=yes;
This works without any problem.
What I want to do is to connect to a SQL Server instance where the user must insert his Active Directory name and password.
Like this:
Provider=SQLNCLI11;Server=servername;Database=db_name;Uid=username;Pwd=password;
This only works for users which are created on the SQL Server directly.
I tried Uid=DOMAIN\username, but it isn't working.
Is this possible? Or is there another way how I can get through this?
The environment:
The User is using a local PC with a local account and then he's doing a "NetworkConnect" with his AD-User and password.
After that, "RunAs" as his AD-User is working BUT there is another Application that is started from the Access Application and this App must be started with the local User-Account.
SQL-Server and the AD-User are member of the same domain.
Your choices are
Login to SQL Server using your the Windows Domain account that you are currently logged into. You do this automatically by specifying Trusted_Connection=yes;, or
Login to SQL Server using a SQL Login.
Those are the only two choices possible using a SQL provider connection string. Specifically, you cannot use the SQL access provider to do impersonation, that is, to login to SQL Server using a different Windows domain account than the one that you are currently logged into.
Microsoft designed the AD integration with SQL Server to use the account of the client application, not to be able to handle logging in as a part of the connection string. If the user isn't going to be logged into the machine using the account needed for the database access, the next best option may be something like ShellRunAs in order to let the user run your client app as the correct AD account.
I have installed SQL Server 2012 Express edition on a pc which is on a workgroup running Windows 10. I have also created an user for access to the database through the VS2013 application.
When trying to connect to the server from the client machine, I am getting a message saying login failed and it is from an untrusted domain. The client is also on the same workgroup. However, after the SQL Express was installed on the "server" machine, the name of that pc was changed. I can connect to the database from the server using SSMS using the new computer name (in the instance). I have set remote connection parameters and also configured firewall rules. Yet I am unable to access the server from the client machine.
I also want to ensure that the database is totally secured against access or intrusion. Anyone having access to the server machine can view/edit the database using Windows Authentication. How best to safeguard against it?
Any tips would be appreciated.
CL
try to make a new user in server machin using SSMS and be sure that you are adding the new user to the Login Part of Security in SSMS . For this you need to Login to SSMS as administrator ...
Could somebody explain how you can have different databases/security when connecting in via Windows Authentication from when someone connects via SQL authentication?
I have a customer who had to put a computer onto their network. When they did this, the computer name changed. When connecting into SQL it now has a different server name.
The thing is if I connect using a SQL username and password, I get the databases that were installed before. However If I connect using windows authentication, I do not get the database.
I would like to know what needs to be changed in order for windows authentication to see the same as a user logging in via SQL authentication.
How can I go about changing the permissions of windows authentication?
Within SQL Server, there are Logins (at the server level) and Users (at the database level). Your SQL Server login obviously has permission to the database(s) you want to see. The logins can also be windows users and/or groups. So, if you add a named windows user as a server login, you can extend that login as users in different databases. You can do the same thing with a group. So, you could have a single login to your sql server that represents all authenticated users in your domain, etc...
So, I think you need to get into SSMS (SQL Server Management Studio) and see what logins and users are defined on your SQL Server.
I need to connect to a SQL Server 2008 instance in another Windows domain to manage it. We only use Windows Authentication.
In Windows XP, I could use the "Manage Network Passwords" feature to store on my local machine my username and password for the remote machine. Doing so would cause SQL Server Management Studio to use those credentials, instead of my local credentials, when connecting to that server. This worked great, and prevented my having to enter a username or password every time I connected with SSMS.
But, Holy Cow, after upgrading to Windows 7, I can no longer do this. Adding my remote domain credentials in Credential Manager fails to produce the desired behavior. SMSS 2008 R2 ignores the stored credentials, and instead, always sends my local credentials, causing the login to fail every time. There's not even a way, within SMSS, to enter alternate credentials, so the upshot is that I simply cannot access the remote server!
The login fails with the following message:
Login failed. The login is from an
untrusted domain and cannot be used
with Windows authentication.
(Microsoft SQL Server, Error: 18452)
How can I get SMSS on Windows 7 to work the same way it did on Windows XP?
It looks like there is a bug in the Windows 7 Credential Manager that causes this behavior. After lots of Internet research, I found some ugly workarounds, but also found a great one:
In Credential Manager, add an entry for the remote server, but instead of adding just the server name, like database.contoso.com, add the server name with the SQL Server port, like so:
database.contoso.com:1433
This results in the desired behavior, with no pain!
Source: http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/c05a90e4-cb16-46f6-9072-37083c65696d/
Also remember, of course, that you need to prefix the remote username in Credential Manager with the remote domain name, like so:
database\administrator
I need to set up a "throw-away" instance of SQL Server 2008 for students to test a program for a few weeks. SQL Server 2008 is running on a virtual instance of Windows Server 2008. The server is not a member of the domain. The client computers that need to connect to the SQL Server are domain members, as are the student accounts. The client program expects to connect with Windows Authentication. This would all be very simple if the server were in the domain; despite lengthy discussions with the school's IT, this is not going to happen...
So: I need to configure the SQL Server to accept connections from these clients. I'm no sys-admin, so my best guess (based on this article) was:
Enable the Guest account on Windows
Add "NT AUTHORITY\ANONYMOUS LOGON" to the logins accepted by the SQL Server
Set "Network Access: Allow anonymouse SID/Name translation" in Local Security Policy
Add the registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock and set it to 1
By my reckoning, that should have done it, but the clients still cannot connect. Can anyone give me a recipe for getting this to work? Basically telling the SQL Server to accept connections from anyone and everyone?
p.s. No security worries: this is all behind the school firewall, and I will reset the instance when we are done.
In order for two machines to connect using Windows Authentication, one of two things must be true:
The machines are in the same domain, or
The machines are in the same workgroup and the Windows account has the same password on both machines
If neither is true, then the only alternative is SQL Authentication (SQL Server-specific username and password).