Issue with xp_cmdshell - sql-server

I am trying to copy a back up file from a remote system to local using
EXEC master.sys.xp_cmdshell 'XCopy src dest'
command.
The above mentioned command returns file not found error. However the XCopy command copies file from the remote system to the local system when run in command prompt of the local system. Can somebody suggest a solution?

You are trying to access a remote server. When you attempt this from the command line you are using your permissions.
However, xp_cmdshell is run with the permissions of the SQL Server service account. Of course this account should be run with minimum permissions, you may need to increase its permissions to the other server.
MSDN

Also, don't forget that when the xp_cmdshell executes under the SQL account permissions that mapped network drive letters won't be available. You must use UNC path. i.e. \\servername\sharename\path\file

Related

Check if file exist on a webserver using sql server

I want to check that a file exists on a web server using the SQL Server.
I have tried the xp_cmdshell DIR. But it works only for local files.
Please let me know how to achieve this.
Thanks in advance.
After searching for a few days, I found the following which works well :-
When you have to put file, like BCP result, or a backup in a remote drive, just map this drive into windows don't work, it must be mapped on SQL Server to!, to do this, try like this:
exec xp_cmdshell 'net use p:\ \Server\Folder\Folder\Folder\ /Domain\Login /Password'
Reference :
https://social.msdn.microsoft.com/Forums/en-US/6eca2d62-eb86-4f23-9b86-6f917017f50c/bcp-utility-via-xpcmdshell-and-network-drive?forum=sqlsecurity
You can not access with any user, means while access directory in sqlserver you have to only use that user which have directory rights and your sqlserver services running in that user.
if you access in normal user or say simply Network Service or 'Local Service' user (in which sqlserver service run default) you can access all resources of your computer via network too (ie. \yourname\sharablefolder ), but not access sharable folder in the network.
either backup resore : http://www.sqlservercentral.com/Forums/Topic631787-146-1.aspx
or execute command :
http://www.sqlservercentral.com/Forums/Topic808580-359-1.aspx
how can i access a file/folder over network through XP_CMDSHELL in sql server 2008?
https://www.simple-talk.com/community/forums/thread/72262.aspx
https://social.msdn.microsoft.com/forums/sqlserver/en-US/c5ce5e21-17e7-4763-ba68-d3bb7dad213f/access-denied-on-xpcmdshell-with-certain-folders

SQL Server xcopy and xp_cmdshell file not found

I read other help posts but I keep getting file not found on the the network. The path is on the network on a fileshare and I'm using RDP to remote to my own machine that connects to the SQL Server database.
I'm using xcopy command with xp_cmdshell. I can't use just "copy" because I get an access denied error so I'm using Xcopy in this format:
echo f|xcopy /i "\\fileserver\file\excelfile1.xls" \\fileserver\file\newdirectory\excelfile1.xls"
I have tried almost everything and read other posts but this is still not working. I do have parameters for the directory and files, etc. but I actually have it hard-coded in the dos command it's still not working.
Any ideas would be great.
If you get an "access denied" with copy, you'll get the very same error with xcopy too. It offers more options, but won't let you bypass the OS security at will, both are still bound to the permissions of the user account that runs them, like every other software.
There are two options:
Use sp_xp_cmdshell_proxy_account to specify a different user for all xp_cmdshell operations (as suggested by Bacon Bits). This user must have enough permissions to both origin and target files.
Give those permissions to the account that runs the SQL Server service, so that it can access the files directly.
Thank you everyone for responding. This is the first time I've used this forum.
I found out the files were named .XLS but actually in .TXT delimited format. So I renamed them through SSIS with a ForEach Loop and processed them from there.
I tried to XCOPY from command line with new permissions that that didn't work. I was getting an extension hardening error and that is why, XLS to TXT wasn't liking it.

execute a batch file on remote machine

I'm trying to execute a batch file(shutdown.bat and startup.bat of tomcat 7) on a remote machine(Windows server 2008) using PSTools but didn't got any luck till now.
Below are the steps I used
c:\>psexec \\129.12.3.1 -u Admin -p admin90 C:\>Hyp\tom7_50080\bin\shutdown.bat
and on my cmd i got
PsExec v2.0 - Execute processes remotely
Copyright (C) 2001-2013 Mark Russinovich
Sysinternals - www.sysinternals.com
PsExec could not start cmd on 129.12.3.1:
There are currently no logon servers available to service the logon request.
Can anyone help with the above output and with the batch file for executing the shutdown and startup batch file on remote machine.
Is PS Tools only option to execute any service/batch file on remote machine or we could use any other utility provided by MS.
In you example, #David Candy pointed out even you had the connection go thru, it would not work as you have 'c:>hyp\' instead of C:\hyp\tom7_*
You seem to be using IP, but the message you got seems to be name resolution related, so not sure what's happening there. Maybe you should upgrade to the latest PsExec version.
If you want to use PowerShell you would use Invoke-Command -ComputerName {NameOfPC} -ScriptBlock {C:\Hyp\tom7_50080\bin\shutdown.bat}
If you want to execute a program on another server, you can use a stored procedure on that server to invoke the command, and call that stored procedure from the local mcahine.
You could also create a web service on the remote server that invoked the command you want to execute.
In either case, be very careful that you don't open a security hole by either allowing more users to execute commands through the mechanism you implement, or by some user to execute commands other than the one you intend.

Cannot bulk load because the file could not be opened. Operating System Error Code 3

I'm trying to set up a Stored Procedure as a SQL Server Agent Job and it's giving me the following error,
Cannot bulk load because the file "P:\file.csv" could not be opened. Operating system error code 3(failed to retrieve text for this error. Reason: 15105). [SQLSTATE 42000] (Error 4861)
Funny thing is the Stored Procedure works just fine when I execute it manually.
The drive P: is a shared drive on Windows SQL Server from LINUX via Samba Share and it was set up by executing the following command,
EXEC xp_cmdshell 'net use P: "\lnxusanfsd01\Data" Password /user:username /Persistent:Yes'
Any help on this would be highly appreciated
I do not know if you solved this issue, but I ran into the same issue. If the instance is local you must check the permission to access the file, but if you are accessing from your computer to a server (remote access) you have to specify the path in the server, so that means to include the file in a server directory, that solved my case.
example:
BULK INSERT Table
FROM 'C:\bulk\usuarios_prueba.csv' -- This is server path not local
WITH
(
FIELDTERMINATOR =',',
ROWTERMINATOR ='\n'
);
To keep this simple, I just changed the directory from which I was importing the data to a local folder on the server.
I had the file located on a shared folder, I just copied my files to "c:\TEMP\Reports" on my server (updated the query to BULK INSERT from the new folder). The Agent task completed successfully :)
Finally after a long time I'm able to BULK Insert automatically via agent job.
Best regards.
I have solved this issue,
login to server computer where SQL Server is installed get you csv
file on server computer and execute your query it will insert the
records.
If you will give datatype compatibility issue change the datatype for that column
Using SQL connection via Windows Authentication:
A "Kerberos double hop" is happening: one hop is your client application connecting to the SQL Server, a second hop is the SQL Server connecting to the remote "\\NETWORK_MACHINE\". Such a double hop falls under the restrictions of Constrained Delegation and you end up accessing the share as Anonymous Login and hence the Access Denied.
To resolve the issue you need to enable constrained delegation for the SQL Server service account. See here for a good post that explains it quite well
SQL Server using SQL Authentication
You need to create a credential for your SQL login and use that to access that particular network resource. See here
I would suggest the P: drive is not mapped for the account that sql server has started as.
It's probably a permissions issue but you need to make sure to try these steps to troubleshoot:
Put the file on a local drive and see if the job works (you don't necessarily need RDP access if you can map a drive letter on your local workstation to a directory on the database server)
Put the file on a remote directory that doesn't require username and password (allows Everyone to read) and use the UNC path (\server\directory\file.csv)
Configure the SQL job to run as your own username
Configure the SQL job to run as sa and add the net use and net use /delete commands before and after
Remember to undo any changes (especially running as sa). If nothing else works, you can try to change the bulk load into a scheduled task, running on the database server or another server that has bcp installed.
I did try giving access to the folders but that did not help.
My solution was to make the below highlighted options in red selected for the logged in user

The system cannot find the specified drive in Jenkins

I want to copy some files from a network shared drive (mounted at my local machine as drive Z). I have written a Batch file to copy the contents of Z drive into my local drive. This batch file runs successfully on cmd, but i am having issue when i trigger it through Jenkins. The Jenkins gives the following error:
"The system cannot find the specified drive"
Any help regarding this, will be greatly appreciated.
Thanks,
Nouman.
If you don't want to use Jenkins-plugins or schedule-Tasks here is a "groovy" way:
By Hand:
You can use the Groovy Script-Console provided by Jenkins>Manage Jenkins>Script Console and execute the command to map the network-drive within the Jenkins-service. (Must be repeated, once the Jenkins-service is stopped)
Automation:
Write your Groovy commands to a file named "init.groovy" and place it in your JENKINS_HOME-directory. So the network-drive gets mapped on Jenkins-startup.
Groovy Commands - Windows:
Check available network drives using the Script-Console:
println "net use".execute().getText()
Your init.groovy would look like this:
def mapdrive = "net use z: \\\\YOUR_REMOTE_MACHINE\\SHARED_FOLDERNAME"
mapdrive.execute()
Yes Jenkins uses different login credentials. To map a drives through Jenkins use below command in Jenkins command prompt:
Subst U: \drive\folder
then after that your queries.
You might run into permission issues. Jenkins might be executed with different user credentials; so it does not know the configured drive for the windows share. Instead of using shell scripts I suggest to use a plugin. There is a set of Publish-over plugins that allow deployments to remote systems via a couple of protocols (ssh, cfis etc). Have a look at the CFIS plugin that allows to send artifacts to a windows share. Once the plugin is configured (ie the host is specified in the Manage Jenkins section) you can add to the post build steps Send files to a windows share where you can specify which file(s) shall be sent to which location.
Had this issue where my jenkins job was unable to read files present on the network drive.
I resolved it by adding "net use" command in your pre-build step. i.e.
Open your job.
Go to Pre Steps
From the drop down, select Execute Windows Batch Command
Enter the following command:
net use E: \[server name][Folder name] "[password]" /user:"[userid]"
Click Save
Execute the job
I was able to read files from my network drive by following the steps mentioned above.
It seemed to be a one time activity as after the initial run, I had removed the batch command from my job and it seemed to remember the mapped drive command.
Try adding debugging commands to that bat file, or as separate build step, such as net use, set (pay attention to vars like like HOMEPATH and USERNAME) and plain dir Z:\.
As said in another answer, most likely reason is that Jenkins runs as SYSTEM user, which has different permissions. One way around that is, go to services (for example open Task Manager, go to Services tab in it, click the Services button at the lower right corner of that tab), find Jenkins service, open it's properties, go to "Log on" tab and set your normal user account as one that runs Jenkins.
Basically you can access your network shared drive (Z) using by servername or IP from jenkins command. Write \\192.168.x.xxx\Your_Folder instead of z:\Your_Folder.
For example:
mkdir \\192.168.x.xxx\Your_Folder
I was trying to copy files from one remote computer to other, the easy solution which worked for me is COPY iphone.exe \192.xx.xx.xx\dev(dev is the folder name on c drive in that ip address)
A similar issue showed up for us on Jenkins slaves set up on Windows Server 2008 following this documentation. The Jenkins agent failed to access the mounted network drives even after configuring the agent service with the correct user credentials.
Troubleshooting:
Jenkins could access the mounted network drives by their drive letters when connected via the JNLP agent (Launch agent via Java Web Start).
It stops recognizing the drive letters soon after we install the agent as a Windows service. Configuring the correct user credentials and restarting the agent does not help.
We could still access the drives via the command line while logged in to the machine with the above user.
Stop the agent service from services.msc and then uninstall it by running the command jenkins-slave.exe uninstall. The slave is disconnected at this point.
Reconnect the slave by launching the JNLP agent via Java Web Start. The agent can now access the network drives again.
Synopsis:
Do not install the slave agent as a Windows service to keep accessing your mounted network drives using drive letters. But this is highly unreliable as the agent might fail to restart after a machine reboot. Alternatively, see if Jenkins can access them via \\<ip_address\of\network\drive>.
In order to access your remote drive
just use the command in cmd prompt
pushd "\sharedDrive\Folder1\DestinationFolder"
mkdir FolderName
popd
pushd >> It navigates to the shared drive by creating a virtual drive..
popd >> Gets you back to the local directory

Resources