When I start deploying, I get this error:
Internal error: The operation terminated unsuccessfully.
Errors in the high-level relational engine. The database operation was cancelled because of an earlier failure.
Errors in the OLAP storage engine: An error occurred while the dimension, with the ID of 'Dim Customer', Name of 'Customer' was being processed.
OLE DB error: OLE DB or ODBC error: Login failed for user 'NT Service\MSSQLServerOLAPService'.; 28000; Cannot open database
"AdventureWorksDW2012" requested by the login. The login failed.; 42000.
What's wrong? and how can I fix it?
Had the same problem and Daniel's Meresa answer was helpful. The detailed resolution in may case was to run SQL Management Studio and in Object Explorer select Security - Logins - Right click - "New Login...". Fill in the following login name "NT Service\MSSQLServerOLAPService" and check sysadmin in Server Roles. It should be enough.
The error says, you need to add 'NT Service\MSSQLServerOLAPService' user to "AdventureWorksDW2012" database. You can do this in SSMS. Connect to your "AdventureWorksDW2012" database. Under Security-> User, add new user 'NT Service\MSSQLServerOLAPService' with db_datareader, db_owner(Optional) property [Membership, Owned_Schemas tab]
Have a look at the impersonation options on the data source you defined in analysis services that holds the source data of the customer dimension. There you can configure what credentials SSAS should use to connect to the data source.
MSDN entry on impersonation options
make sure you add the user 'NT Service\MSSQLServerOLAPService' into the database and assign the appropriate role read...also make sure to select use service account option under impersonation option in the cube source.
Related
We are using SQL server 2014, we update a password for a user login here
we click properties on a given login account and change the password here
we are certain we entering it correctly when we then try to login to the server using the login and password we get the following error
I don't know where else to look and what else to change -- when we do the same process on a different server it works without issue. But here its failing.
Where should we look and what else do we need to troubleshoot. Could it be we don't have access to certain databases, how do we fix this.
These are some of the errors coming through in the system logs
Message
Login failed for user ‘abc’. Reason: Failed to open the explicitly specified database ‘AMS'. [CLIENT---]
Message
Login failed for user 'abc’. Reason: Failed to open the database ‘Budget’ specified in the login properties. [CLIENT: ---]
Message
Login failed for user ‘abc’. Reason: Password did not match that for the login provided. [CLIENT: ----]
You must set a default database where the user AND relative login can access.
Logins are objects with a password
Users are objects, mapped to Logins, added to SQL Server entities.
Under Server -> Security -> Logins
Unser Database -> Security -> Users
Check also if the user is correctly mapped to the login.
To solve your problem you can set the master database as the default for your login.
You can find out more about the error in the SQLServer logs as described here https://learn.microsoft.com/en-us/sql/relational-databases/performance/view-the-sql-server-error-log-sql-server-management-studio?view=sql-server-ver16.
If you are looking for a quick fix to your problem, you can either:
assign more server roles to your login
or grant it an individual permission
use master;
grant CONNECT ANY DATABASE TO <login>;
BACKGROUND
The user is defined in Azure AD and in Azure SQL.
test.user#company.com is defined and active in Azure AD. I’m able to log in with this user in Azure portal.
I have created a contained database user with the clause "from external provider" in the Azure SQL database and added the user to the db_datareader system role. The commands commits without error. I have compared the Asset ID in Azure AD and the SID in database and they match. I have tried with different users.
I am able to login as an AD User assigned to the SQL servers assigned "Active Directory Admin"
SQL Server users also login without any issue
Login test in SSMS
I have set default database to the specific database I’m trying to log into (Options-Connect to database).
I have tried with different Authentication modes:
“Azure Active Directory – Universal with MFA” and
“Azure Active Directory – Password”
When I try to login with SSMS I get
Error: 18456, state 1, class 14.
When I query [sys].[event_log] it returns
[event_systype]= 4, [event_subtype_desc] = login_failed_for_user.
PROCESS FOLLOWED
I have a user defined in Azure AD. (test.user#company.com)
In my Azure SQL database, I have set an Active Directory administrator.
I have created a user in SSMS test.user#company.com with the following syntax:
CREATE USER [test.user#company.com] FROM EXTERNAL PROVIDER;
I have assigned the user to the db_datareader role with the following syntax:
ALTER ROLE db_datareader ADD MEMBER [test.user#company.com]
ISSUE: When I try to connect as test.user#company.com, the connection fails and I get this error:
Login Failed for user test.user#company.com
Details of error contains:
Error Number: 18456, State: 1, Class: 14
I have tried to find an answer on learn.microsoft.com, googled my ass off and found some useful resources on this, but none that actually helps me with pinpointing what to do to resolve the issue. If anybody have an Idea of what I'm doing wrong, ref "PROCESS FOLLOWED" I'd be forever grateful :)
I solved it by a workaround, setting up a new database.
I did not find the cause of the problem, but it must be related to database setup "DTU"-"Basic" or some setting that I have managed to set without remembering.
Anyways, my process works when I set up a new database with "DTU"-"Standard" Configuration.
It seems to be some kind of encoding problem. After almost giving up and using a different DB, I tried creating a new one, but without some special characters. And suddenly, it worked.
If you can't change your database's password, you can just edit the connection string in another editor and it works as well (Notepad, VS code, etc).
I am attempting to run a snapshot for replication using the following settings.
-Publisher [CUST-5NSA] -PublisherDB [Ticketing] -Distributor [CUST-5NSA] -Publication [TicketingBase] -ReplicationType 2
-DistributorSecurityMode 1
When this runs I get the following error:
Connecting to Distributor CUST-5NSA The replication agent had
encountered an exception Source: Replication Exception Type:
Microsoft.SQLServer.Replication.ConnectionFailureException Exception
Message: Login failed for user 'CUST-5NSA\Administrator' Message Code:
18456
The strange thing is that the event viewer shows that the error is actually that the administrator account doesn't exist which is impossible since I can log in with it.
But even more important there is no setting that I can find that uses the administrator account for replication. We have another account that we use for all the replication settings.
Can anyone point to where this login is coming from?
Go to Replication/Local Publications. Right click on your publication and select Properties. In the Publication Properties dialog, from the left panel, select Agent Security.
Now you can check security settings of Snapshot Agent ( and also Log Reader Agent ) by clicking on the associated Security Settings button. After clicking that button, you see a dialog that by selecting 'Using the following SQL Server login', you can provide the credentials of a SQL Server account on the Publisher that has enough permissions to access the Publisher database or just select 'By impersonating the process account' to use Windows Authentication.
While trying to do anything related to deploying to Azure/creating a BACPAC in SSMS 2012 I encounter error for each of 3 users in my database (who are not the user that is currently logged on)
Validation of the schema model for data package failed. Error
SQL71501: Error validating element [VARIABLE_USER_NAME_HERE]: User:
[VARIABLE_USER_NAME_HERE] has an unresolved reference to Login
[VARIABLE_USER_NAME_HERE]. (Microsoft.SqlServer.Dac)
Any clues?
This SO question really helped:
Can I ignore logins when publishing a Visual Studio Database project?
I realised that the user I was logged on (to my local database) with, had no permissions to view the login details for the login associated with the peer users that were being complained about in the error message. Written in more plain English, and assuming that there are just 2 database users (mr_spoon and mr_fork), what the error message means is "The currently logged on user [mr_spoon] can see that there is another user called "mr_fork" but cannot view the details of the login [also called "mr_fork" in this case] associated with that user"
Logging onto the master DB with my Windows admin login, and then running this query solved it:
GRANT VIEW DEFINITION ON LOGIN::the_login_name_in_the_error_message TO the_user_i_logged_on_with_and_ran_the_export_from
i.e. admin should run this:
GRANT VIEW DEFINITION ON LOGIN::mr_fork TO mr_spoon
Note that SQL Server permission system supports the notion of both Users and Logins, so I've hopefully been quite careful to say user when I mean user and login where I mean login. Why not just run the export from the admin login you may ask? The machine that can do that doesn't have SSMS2012 nor is it possible to install it, and it's the only machine the admin login works from.. Thus, I'd expect this problem is rare but maybe one day this will help someone
I thought I'd post a Q&A because everywhere I looked I only found reference to SQL71501 within the context of SSDT, not SSMS2012/Azure Deployment
I am trying to give all the permissions to a user in the User Mapping section of a database. But, I am encountering this error:
"Cannot use special principal dbo"
Server roles of the user:
This is happening because the user 'sarin' is the actual owner of the database "dbemployee" - as such, they can only have db_owner, and cannot be assigned any further database roles.
Nor do they need to be. If they're the DB owner, they already have permission to do anything they want to within this database.
(To see the owner of the database, open the properties of the database. The Owner is listed on the general tab).
To change the owner of the database, you can use sp_changedbowner or ALTER AUTHORIZATION (the latter being apparently the preferred way for future development, but since this kind of thing tends to be a one off...)
Fix: Cannot use the special principal ‘sa’. Microsoft SQL Server, Error: 15405
When importing a database in your SQL instance you would find yourself with Cannot use the special principal 'sa'. Microsoft SQL Server, Error: 15405 popping out when setting the sa user as the DBO of the database. To fix this,
Open SQL Management Studio and Click New Query. Type:
USE mydatabase
exec sp_changedbowner 'sa', 'true'
Close the new query and after viewing the security of the sa, you will find that that sa is the DBO of the database. (14444)
Source:
http://www.noelpulis.com/fix-cannot-use-the-special-principal-sa-microsoft-sql-server-error-15405/
This answer doesn't help for SQL databases where SharePoint is connected. db_securityadmin is required for the configuration databases. In order to add db_securityadmin, you will need to change the owner of the database to an administrative account. You can use that account just for dbo roles.