We have a .NET3.5 Windows Forms application that calls an ASP.NET SOAP web service on the same server. This web service then saves the data into a SQL Server Express 2005 database, again on the same server.
The application has been deployed internally, as well as to a number of our customers and has worked as expected for over 18 months. However this week, at our main customer's site, the application has started generating an error message on four out of the 10 servers it is deployed on. All of the web service methods use the same connection string, but only one web method is affected.
The connection string has this format:
Data Source=MYSERVER\SQLEXPRESS;Initial Catalog=MyDatabase;
Persist Security Info=True;User ID=MyUser;Password=MyPassword
When the application calls one particular web service method, it is producing an error:
Cannot find the user 'MyDatabase', because it does not exist or you
do not have permission.
There have been no changes to the application to cause this, however the customers' IT people may have made changes to these servers. MyUser has been granted permissions on the stored procedures and is able to connect to all of the other web service interfaces.
The main thing that is confusing me is that the error messages says that the user that does not exist is MyDatabase which is the Initial Catalog name in the connection string.
I have been onsite with the customer and verified that the application is still set up correctly and that all of the other web service interfaces are correctly connecting to the database.
Any suggestions of either possible causes or other things I can check would be gratefully received.
I would strongly advise against removing the dbo. That is the schema name. Simply removing it will imply to the DB to use the default schema, which is probably dbo anyways. So it would accomplish nothing. But by not using the schema name when calling the procedure you can run into naming conflicts. For example, if you have a procedure with the same name in two different schemas in the DB, and you try to call it without a schema name, the DB will not know which one to call, resulting in an exception.
Related
We use Azure SQL Database, and therefore had to jump through some hoops to get cross-database queries set up. We achieved this following this great article: https://techcommunity.microsoft.com/t5/azure-database-support-blog/cross-database-query-in-azure-sql-database/ba-p/369126 Things are working great for most of our databases.
The problem comes in for one of our databases which is read-only. The reason it's read-only is b/c it is being synced from another Azure SQL Server to derive its content. This is being achieved via the Geo-Replication function in Azure SQL Database. When attempting to run the query GRANT SELECT ON [RemoteTable] TO RemoteLogger as seen in the linked article, I of course get the error "Failed to update because the database is read-only."
I have been trying to come up with a workaround for this. It appears user permissions are one of the things that do NOT sync as part of the geo-replication, as I've created this user and granted the SELECT permission on the origin database, but it doesn't carry over.
Has anyone run into this or something similar and found a workaround/solution? Is it safe/feasible to temporarily set the database to read/write, update the permission, then put it back to read-only? I don't know if this is even possible - I was told by one colleague that they think it will throw an error along the lines of "this database can't be set to read/write b/c it's syncing from another database..."
I figured out a work-around: Create a remote connection to the database on the ORIGIN server. So simple, yet it escaped me until now. Everything working great now.
I'm developing an asp.net mvc application at my office. I wanted to work at home as well, so, I pushed my project on github, when I came my home back, I pulled it from github to my projects folder, now I tried to access its SQL Server database in server explorer using windows authentication, on pressing ok, it showed me the following error :
Cannot open database "HrAndPayrollSystem.Models.HrAndPayroll" requested by the login. The login failed.
Login failed for user 'user'.
and here is my connection string :
<connectionStrings><add name="HrAndPayroll" connectionString="Data Source=(LocalDb)\MSSQLLocalDB;Initial Catalog=HrAndPayrollSystem.Models.HrAndPayroll;Integrated Security=False" providerName="System.Data.SqlClient" />
What could be the reason, how should I resolve it? Thanks in Advance :)
So, I somehow managed to get through this.
In other words, this error says that you need to access your database at least for a single time, means you need to perform some transactions with the database, inserting something or retrieving something, at this point you accessed the database for the first time on the different machine. Since, I had to access database at the point when my application starts, so, crashing start crashes my whole application, so I created another controller that does not contain any authorize attribute, just to leave it open in order to access the database, created a single field, accessed the database, now go and check your database in server explorer, you are about to access it for the first time in the database, and now also, it will never crash anywhere.
So, the point is that you need to access your database at least for a first time..
We are running into a few issues with our TFS installation (TFS 2013 Update 4, SQL 2014 Standard) as a result of email alerts. Most notably, Work Items cannot be created, because this triggers an email.
Any time a process or user attempts to create a Work Item, the error
TF30040: The database is not correctly configured. Contact your Team Foundation Server administrator.
is received. Further, when I check the Event Viewer on the server, I can see the error and it reports that the inner exception is:
Exception Message: The EXECUTE permission was denied on the object 'sp_send_dbmail', database 'msdb', schema 'dbo'. (type SqlException)
I have worked with the DBA and we have enabled Email Alerts on the server. We have verified that, in general, the alerts work by using the test button on the administration console. I can also set up a check-in alert through the web interface and receive said alerts without issue. This seems to be specifically affecting Work Item creation alerts (which apparently are just automatically and irrevocably enabled).
Presumably, we could correct this by giving appropriate permissions to use that stored procedure. To do so, we need to know what user to give permissions to. So far we have tried giving execute permissions to my AD user, the service account used by the build service, and the Network Service account (which appears to be the TFS Service Account).
There is no indication in any error message as to what user is being used to execute that procedure. So, my question: What SQL user is used to send alerts when creating Work Items?
Edit:
For the record, this started working of its own accord. We decided Monday to call Microsoft to get this fixed. Before that happened, failed builds magically created some work items (on Tuesday, a full day after we gave up), and we are now able to create work items. Everyone involved states not doing anything. We are baffled, but in a good way.
I'm going to advise you that a DBA should not be making changes to the TFS databases. I suggest opening a ticket with MSFT and getting assistance from the product support group.
I have a silverlight application where when I run the application I read the database and populate the results in the combobox, but when I publish it on the server(IIS) the it returns me a null, I can't even debug the error because it return the result when I host it on my system but null when hosted..
Please guide...
Taking a stab in the dark here. Most likely this is a security issue. When debugging locally, your web server runs under your credentials. If using integrated authentication to your database, then the web service host acts like it is you when making requests to the database. However, when you deploy, the server tries to connect to the database using the credential associated with the application pool that is running your site. Check your database connection string to see if it is pointing to the right database and try using a named user/password with an account that does have access to the database.
If this doesn't fix the problem, try accessing one of your services directly (using Fiddler?) to see what the service is returning as an error message that your Silverlight client is ignoring.
Executing SqlScript at the remote DB causes an error:
Failed to connect to SQL database. (-2147467259 myDB1)
The SqlScript is the following:
<sql:SqlString
Id='UpdateSomething1'
SqlDb='myDB1'
ExecuteOnInstall='yes'
User='SQLUser'
ContinueOnError='no'
ExecuteOnReinstall='no'
ExecuteOnUninstall='no'
Sequence='26'
SQL='[SqlString]'/>
where the Db is:
<sql:SqlDatabase
Id='myDB1'
Database='myDB1'
Server='[DATABASE_SERVER]'
CreateOnInstall='yes'
DropOnInstall='no'
DropOnUninstall='no'
ContinueOnError='no'/>
and the user is:
<util:User
Id="SQLUser"
Name="myUserName1"
Password="password1"/>
The problem does not occur with the local DB.
We extracted more specific error message from the IP traffic (the actual error that the remote MSSQL server throws):
Can not open database "myDb1"
requested by the login. The login
failed. {remote machine name} Login
failed for user {user name}
Thank you for any help and information.
Max
I would need more information to be sure but here are some general observations I've had over the years.
In MSI, you typically run deferred custom actions with no impersonation so that they run as Administrator to support managed/elevated installs where the invoking user doesn't have admin either because they really don't or because UAC hasn't elevated their process.
In InstallShield, and I'm sure WiX is similar, this typically causes a problem for remote database connections. If you have a dialog in the UI sequence to test the connection it will succeed ( when expected to ) because the interactive user has permissions to that database/instance. And if installing locally it will succeed because SYSTEM (typically) has permissions the database/instance. But when installing to a remote instance it will frequently fail because SYSTEM can't authenticate against SQL on the remote machine. Your mileage will improve if using sql authentication ( e.g. SA ).
Personally I have some practices that I follow. If I'm creating a single tier system, I restrict the database to (local). If I'm creating a 2 tier system, I create two installers: one for my database layer which I restrict to (local) and one for my application layer which I then reuse the sqllogin dialog to verify connectivity and write the values out to a web.config or app.config. This allows me to loosely couple the layers and service them independently of each other.
I hope this helps to understand the types of issues that can be encountered. I don't know your exact problem without seeing your environement.
The WiX custom actions are just using standard OLEDB commands to connect to the remote server. If the credentials work locally but not remotely then I'd start by ensuring the credentials are correct. There isn't anything different in the WiX custom actions between local and remote servers.
Looking at your database element I would say that you have not added the User attribute to the sql:SqlDatabase so it is creating the database impersonating the current user.
Try:
<sql:SqlDatabase
Id='myDB1'
Database='myDB1'
Server='[DATABASE_SERVER]'
User='SQLUser'
CreateOnInstall='yes'
DropOnInstall='no'
DropOnUninstall='no'
ContinueOnError='no' />