I'm facing a huge issue, I cannot work in our AD anymore, because windows cannot find the dsa.msc file.
Usually, I run Active Directory Users and Computers as my admin account. When entering credentials, I have the following:
If I connect my self from an other computer, this is working fine and I can deal with users & groups.
I've change my password, reinstall all that is related to AD managment, but I can't even imagine restaging my machine. I've deleted temp files also.
This is clearly not a account issue. Even my server team could not help.
From which computer are you trying to do this?
Is this a client computer or a server? Generally you cannot open dsa.msc from a client computer if the Remote Server Administration Tools are not installed on it.
Is this a Domain Controller?
Related
I'm trying to create a database when deploying my WPF application. I don't have any problem if the user of Windows is the admin user. But if the user uses Windows as a guest, the system doesn't allow me to create the database. I get a "permission denied" error.
Is there any way to get this permission when deploying the application or should the admin user give this permission manually before deploying?
Thanks in advance!
A guest account can only create files in it's own user folders.
Meaning they'd have to create the database in appdata or on their desktop ( which sounds like a bad idea ).
I'm not sure they'd even be able to install sql server express. Never tried to on a guest account.
Whether that's practical or not depends on what you're doing in what context.
Sql server express is a service based dbms with the service running in it's own context. You could maybe install sql server and a database on the machine for them and they connect to that.
If this is just a fairly simple application which grabs a small amount of input then maybe serialisation would be a better approach than a database.
I'm trying to make a mobile profile in Windows Server 2016, I created the user account on Active Directory Users and Computers and i set the path to profile like this: http://prntscr.com/hg8joh
Now I am trying to log in with that user account from a Windows 10 client but it shows the following error:
The security database on the server does not have a computer account
for the trust relationship of this station.
I can log in with the admin account and the both computers can do ping to each other so I do not know what to do. Help!
SOLVED POST
I think I just needed to put the Server IP on the Preferred DNS server on the client computer so now it's solved :D
I just installed SQL 2012 Enterprise on a laptop running windows 10 Pro x64.
When I try to execute my SSRS reports from the report manager, I always get the same error:
An error has occurred during report processing. (rsProcessingAborted)
Cannot impersonate user for data source 'DataSource1'. (rsErrorImpersonatingUser)
Log on failed. Ensure the user name and password are correct. (rsLogonFailed)
The user name or password is incorrect
I am using integrated windows authentication with a domain account.
The domain account can log on through SSMS and can access the databases with no issue and run queries.
I have also tried using a local SQL account and password but with the same result - The username or password is incorrect, yet this account works through SSMS and is able to execute queries and such.
When i click the Test Connection button in SSRS datasource configuration, it states the connection was created successfully. (I have included a shot of what I am talking about in the uploaded image)
After googling, people stated that the account that is being used to connect to the database using windows impersonation had to have log on locally permissions, so I added the account through local security Policy, but it made no difference.
Another blog stated the SSRS Service account had to also be granted log on locally permissions - so I granted it the log on locally permission as well. Still to no avail.
I have also tried disabling the windows firewall and connecting to both the machine name and localhost just in case there was some screwy rules regarding localhost - still with the same result.
Other people suggested the execution account in SSRS manager needed be disabled. I didn't set this up initially - but set the account up just in case it had something to do with it - still with the same error then removed it again still with the same error.
Can anyone offer any other suggestions as to what might be the cause and how I might fix this?
Many thanks and Cheers
Rod.
OK - managed to work out the problem and a workaround. But it doesn't actually solve the problem.
Problem is Chrome and IE11 wont update the Reports web site when managing datasources. Even when launched as administrator, the SSRS management interface site does not appear to save the changes. Edge is just a joke so don't even bother with that one.
Now - I figured Microsoft has broken something which SSRS interface needs in windows 10, so I logged onto a Windows 7 machine and using IE11, was able to navigate to report manager site, update the credentials (windows and SQL Server credentials) and the reports run.
Confirmed this by trying to change the credentials back on windows 10 and it immediately broke the reports again. Set the credentials back in Win 7 and it corrected the reports.
So if you are using windows 10 and are having issues configuring credentials for SSRS reports, try logging in from a windows 7 machine and set through IE on that machine.
EDIT: IE11 works on older windows 10 build (enterprise) , latest build (Pro) seems to be broken.
Cheers
Rod.
If you have specified an unattended execution account, SSRS flip-flops between impersonating it and the identity specified in your data source during the rendering process. If you use an unattended execution account, you’ve got to keep the password up-to-date.
You could also choose not to use the unattended execution account at all, which may also solve your problem. For more detail see http://blogs.msdn.com/b/bimusings/archive/2006/08/16/702490.aspx
Simply,
Go to Report Configuration Manager
Go to Excution Account
Enter Domain\UserAccount [User Account is your windows User]
Enter Password [Windows Password]
Save and you are good to go
I'm trying to configure Team Foundation Reporting but without any success.
The App Tier and the Data Tier are in separate servers.
I guess it's not a port/firewall problem, because I opened port 135, and I can see the established connection by using TCPView (from Sysinternals) whenever I click "Populate URLs" in the Reports tab in TFS Administration Console. I can also telnet servername 135 without any problems.
I also checked if WMI service is started in the Data-Tier. And for SQL Server Reporting Services. Also checked for RPC and RPC Locator in both servers. They're all started and automatic.
I also set tfs app user as admin in sql reporting services. Added all kinds of permissions to the tfs user in the Data-Tier server.
I set all user permissions in dcomcnfg.
Allowed all WMI namespaces permissions to the user. (Computer Management -> WMI Control)
Deactivated Windows Firewall in both servers temporarily.
No luck.
However, in the app-tier, when I click Computer Management -> Connect to another computer, and type the data-tier IP, i can't connect. I get the message "Computer xxx cannot be managed. The network path was not found". How is that ? Tried IP, name, and FQDN. I also tried browsing and selecting the computer. Nothing changed.
I'm lost, what could possibly be happening ?
Thanks in Advance!
i'm betting that you're having the double-hop issue. try having your system admin set an spn for the website on the sql server.
you also need the AD permission 'trust for delegation' on the AD Service Account, right?
do that and SetSpn with the service account, that should help I think that the SPN option was spot on
See this answer:
IIS to SQL Server kerberos auth issues
which links to an old but user-friendly troubleshooting web app called DelegConfig. It can try to run the SetSpn commands for you, at least giving you an idea of what they need to be.
I ran into SPN issues when using an externally-accessible URL (+SSL) everywhere.
We have an ASP site using Windows authentication to connect to a SQLServer database. There are three instances of the web site, a Dev environment (located on my Workstation), an UAT environment and a production environment, which are on separate servers.
When I access the Dev site (which uses the same DB as the UAT site) I have no issues, the site connects to the database using my Windows account. However when I connect to the UAT site, it uses a different account (one which belongs to me but is not connected to my default Windows login) which is not permissioned on the DB, so the site returns the following error:
Microsoft OLE DB Provider for SQL
Server error '80004005'
Cannot open database requested in login 'ANAML'. Login fails.
/inc/dbconnect.asp, line 4
The ASP files on the Dev and UAT sites are identical, so can anyone explain why the UAT site might be using the incorrect Windows account? This only affects me, from all workstations, and no other users.
Have rebooted the server and my workstation, and cleared my internet files locally.
I found the answer at this page on ServerFault. Seems the login details for the UAT server had been stored in the Users control panel at some point. Deleting the relevant entry in the control panel restored the correct login when connecting to the website.
Well, my ASP knowledge has mostly faded but I'll see what comes out of my brain. My first thought would be that the Virtual Directory security is configured differently on the server where it is failing. It sounds like you would need it to be set to "Integrated Windows Authentication" only.
If that is set correctly then I'd ask about your connection string. Does your connection string specify Trusted Connection (e.g. it does not specify a username and password)?
Where does the ANAML account come from? Is it a SQL only login or is it a windows account?