Permission of sqlserver doesn't exist but with sa exists - sql-server

I have a problem with sqlserver authentication .
When i connect to my instance using this information local,windows authentican i have this permission :
But with sqlserver authentication local,sa,12345 i have this permission:
Last day the both permissions was same ,but today the permission of windows authentication are removed and i need the permission of sqlauthentication in windowsauthentication how can i do that?
because my TFS use the windows authentication login .now my TFS doesn't work.
Best regards

i need the permission of sqlauthentication in windowsauthentication how can i do that?
No, you don't. The reason that your sa account can see all of those other logins is because it is a system administrator (i.e. a member of the sysadmin server role). Whatever you're doing with TFS, I can almost guarantee that it doesn't need that level of permission. Find out what permissions you actually need (this looks like a promising start) and grant those. Running any application with privileges it doesn't need is a bad idea in general.

Related

How do I create a DB2 database if my user account does not have the authority?

I am installing Maximo 7.5 Admin Workstation. I am on part 3 of 3, where I am installing the Maximo Asset Management. I am using my Windows domain account that has local Administrator rights.
This is the error I see on the screen:
When I review the CTGInstallTrace00.log , the relevant part is:
C:\Windows\Temp>"C:\PROGRA~1\IBM\SQLLIB\bin\db2" create db 'maxdb75'
ALIAS 'maxdb75' using codeset UTF-8 territory US pagesize 32 K
SQL1092N "MYUSERACCT" does not have the authority to perform the
requested command or operation.
What I have tried:
I tried to assign DBADM privilege to a Windows domain user account using DB2 command line? Logged in as the domain user with Administrators role, I went to Start > IBM DB2 > DB2COPY1 (Default) > Command Line Tools > Command Windows - Administrator. I tried to run db2 grant DBADM to MYUSERACCT -- I just get returned back to the command prompt.
I also tried logging in as local\db2admin and trying to grant DBADM privilege to the domain account. I don't know if I got the syntax wrong, or something else is not done correctly. If I type db2 grant DBADM to user MYUSERACCT then I get this error:
DB21034E The command was processed as an SQL statement because it was
not a valid Command Line Processor command. During SQL processing it
returned: SQL1024N A database connection does not exists.
SQLSTATE=08003
This article explains the SQL1024N error somewhat.
You can only grant the DBADM privilege on an existing database, and you must be connected to that database to issue the GRANT SQL statement, obviously.
If you took time to check the manual, you'd know that the user needs SYSADM or SYSCTRL authority to create a database. These authorities are granted to members of the group specified in the SYSADM_GROUP or SYSCTRL_GROUP instance configuration parameters.
To avoid this error later on in the installation, the Maximo 7.5 installation should be performed using a local account with Administrators role. Domain User with Administrator role may cause issues depending on what the policies are on the Domain.
You will know there is an issue with rights, if you are unable to "Verify Installation Requirements" successfully (part 1 of 3)
Although the middleware installation may run smoothly (part 2 of 3), the Maximo Asset Management install (part 3 of 3) may fail with the DB2 database creation error.

Bugzilla could not connect to the mysql?

I am using C:\Bugzilla>checksetup.pl and it shows me this error message...plz tell me how i connect to mysql with bugzilla....
There was an error connecting to MySQL:
Access denied for user 'bugs'#'localhost' (using password: NO)
This might have several reasons:
MySQL is not running.
MySQL is running, but there is a problem either in the
server configuration or the database access rights. Read the Bugzilla
Guide in the doc directory. The section about database configuration
should help.
Your password for the 'bugs' user, specified in $db_pass, is
incorrect, in './localconfig'.
There is a subtle problem with Perl, DBI, or MySQL. Make
sure all settings in './localconfig' are correct. If all else fails, set
'$db_check' to 0.
You need to grant access to the user bugs from localhost to this database. Try the following, replacing the relevant parameters
GRANT ALL PRIVILEGES ON DATABASENAME.* To 'user'#'localhost' IDENTIFIED BY 'password';
More information about GRANT

Transitioning from Domain Authentication to SQL Server Authentication

Greetings all, I've run into a problem that has me stumped.
I've put together a database in SQL Server Express, and I'm having a strange permissions problem.
The database is on my development machine with a domain user: DOMAIN\albertp.
My development database server is set for "SQL Server and Windows Authentication" mode.
I can edit and query my database without any problems when I log in using Windows Authentication.
However, when I log in to any user that uses SQL Server authentication (Including sa) I get this message when I run queries against my database.
SELECT * FROM [Testing].[dbo].[AuditingReport]
I get:
Msg 18456, Level 14, State 1, Line 1
Login failed for user 'auditor'.
I'm logged into the server from SQL Server Management Studio as 'auditor' and I don't see anything in the error log about the login failure.
I've already run:
Use Testing;
Grant All to auditor;
Go
And I still get the same error. What permissions do I have to set for the database to be usable by others outside of my personal domain login?
Or am I looking at the wrong problem?
My ultimate goal is to have the database be accessible from a set of PHP pages, using a either a common login (hence 'auditor') or a login specific to a set of individual users.
GRANT ALL is not performing the action you believe it to be.
I suggest for testing purposes that you consider using Database Roles in order to manage the privileges of your User.
Here is a list of the available Database-Level Roles
You can add an existing User to a Database Level role by using the system stored procedure sp_AddRoleMember. For example, the following will provide READ permission to your User for all objects within the given database.:
EXEC sp_addrolemember 'db_datareader','auditor'
Ideally, you will likely want to consider defining your own Database Roles in order to manage privileges for your Database Users.

Create a new database problem

I'm logging in to create a new database from CMD through sqlcmd with SA account. Its response is a message: CREATE DATABASE permission denied in database 'master'.
I'm using Windows server 2003 and SQL 2008. Please help me. Thanks in advance.
It doesn't sound like you're actually using the sa account, or else perhaps you haven't set up your service account properly using SQL config mgr. If you used Computer Manager | Services, then the service might not have permission to create the database files.
...Run As Administrator should do the trick.
Typically the user you're using to run the SQL Server service will not have access to certain folders, which is likely why you're getting this error.
Consider one of these alternatives:
change the credentials used for the service (ick!)
use runas /u:... or Run as...
add permission for the service to access those folders
move the database to a location that the service can access
I would check whether the user you are using indeed has CREATE DATABASE permission though. You can check what server roles it belongs to, because it seems it is not a sysadmin role.
You can use this query for example.
select suser_name(role_principal_id) [login ...],
suser_name(member_principal_id) [... belongs to]
from sys.server_role_members
Regards
Piotr

SQL Server and the Guest Account - what is this for?

How is the guest account in SQL Server (2000, 2005, 2008) supposed to be used? What is it good for? I've tried enabling the account but I still can't get certain users to be able to refresh Excel 2007 PivotTables attached to views which I have given SELECT rights to GUEST.
What am I missing?
Guest is mostly just for allowing access to the database, using the Public role. Don't think it's meant to be something that users actually log in as...
When a database is created, the database includes the Guest user by default. Permissions granted to the Guest user are inherited by users that do not have a user account in the database.
It there for you to disable :)
You really shouldn't use it - grant rights explicitly.
http://sql-server-performance.com/Community/blogs/satya/archive/2007/07/31/126786.aspx

Resources