So I created a new database on my SQL Server box and then added an ODBC entry so my ASP code knows what it is. Now I am getting this error:
Cannot open database "DB_NAME" requested by the login. The login failed.
I checked out the permissions by right clicking the db in Management Studio and checked permissions and low and behold it is empty.
I am just trying to duplicate the permissions of one of any of the other twenty or so databases sitting on the box. Is there a quick way to do this? Either way I just need to open up the lines of communication between my ASP code and my SQL Server db
Here is my connect code in ASP:
Set sqlConnection = Server.CreateObject("ADODB.CONNECTION")
sqlConnection.Open "DB_NAME"
Is there some reason to avoid using a proper connection string:-
sqlConnection.Open "Provider=sqloledb;Data Source=myServerAddress;Initial Catalog=DB_NAME;User Id=myUsername;Password=myPassword;"
On top of what John said, when you create a new database, you have to map the login (either SQL login or Windows login from Application Pool) to this database. You can use management studio to do this - open login properties and map it to the new database. Open Object Explorer, then click Security, Logins and rightclick login that is used by your application. Select Properties. Click User Mapping and add appropriate entry for your database in the grid you will see.
The other option is to run statement to create user within the database:
Use DB_NAME
go
create user [web_user] from login [web_login]
go
Another question is to see what rights have to be assigned to the user in the database. You have to check users permissions in one of the existing databases. Again in Object Explorer, click your existing database, then Security, Users and rightclick Properties of the user that you want to check. Observe information displayed on the dialog box in the General tab and check if there are any Securables assigned to the user. You have to copy these settings to the user in your new database.
HTH
Piotr
Try adding the user id and password into your connection string.
Related
Suppose I have a login metamanager\test which shows when I execute T-SQL, but it is not there when when I expand Security -> Login in SSMS.
Same with a database user.
I try to replicate but failed
use master
select * from sys.syslogins is used for login
use DB
select * from sys.sysusers is used for database user
A LOGIN and a USER are completely different objects.
A LOGIN is a server object, and appear in sys.syslogins, as you see.
A USER is a database object, and for a LOGIN to have access to a database, it needs to have a USER mapped to the LOGIN in that database. A LOGIN with no mapped logins in any databases, and without any server level roles, will be unable to access any of the database on the instance, apart from those that the public roles has in tempdb and master.
It appears, here, you need to create the user in the database, and then give it the appropriate permissions. You can create the USER with the following:
USE {YourDatabase};
GO
CREATE USER 'metamanager\test' FOR LOGIN 'metamanager\test';
You'll need to give it the appropriate permissions afterwards.
Also, after you have created the user, ensure you have refreshed your object explorer. Object explorer doesn't automatically refresh after you create an object.
Not sure if you explaining it correctly, but syslogins and server_principals are about the same. Only the difference that server_principals include "Roles".
As far as I know it is impossible to have something in syslogins, which does not exist in server_principals.
Our business has just changed Active Directories and the domain changed, from "YMS" to "YMSNET". So I used to be able to log in with "YMS\tkol" and I can now log in with "YMSNET\tkol" (these usernames and domains are faked for the purpose of example), but when I log in as that now, I can't actually expand any of the databases or look at any of the tables, I can just see a list of the database names. When I try to expand a database in the UI it says "This database is not accessible (Object Explorer)."
Now I have another user, called "sqluser", and I keep trying to use that user to log in as well by changing the Authentication Method to SQL Server Authentication rather than Windows Authentication. But I get Microsoft SQL Server, Error: 4064
Now I know this sqluser user exists and the password is correct, because I can authenticate to the server and successfully interact with the tables from an external process on a separate computer on the same network (node.js, package mssql). And I used the query on the accepted answer on this question, and found my sqluser is there, with roles db_accessadmin, db_ddladmin, db_owner. And yet it still won't let me log in with that user in the SQL Server Management Studio UI
How can I get this working again and log in with my sqluser account? Or add the appropriate permissions for my YMSNET\tkol account?
--- edit ---
My first idea is that, because I can log into the UI with YMSNET\tkol, but I can interact with the databases externally with sqluser, that there is some query or command I can run with sqluser that will add permissions for YMSNET\tkol so that that user can now look at all the databases and tables. I don't know which commands I'd run for that.
It can be because your account's default database is mapped to some another db which is not available for you, for instance, you have no permissions there, or that database not exists anymore etc.
Your organization DBA can fix it by:
ALTER LOGIN [sqluser] WITH DEFAULT_DATABASE = [rightDB]
Default db name can be checked by:
select default_database_name from sys.server_principals
where name = 'sqluser'
This property can be overridden by opening "Options" of SSMS connection window and specifying it explicitly:
I've been trying to figure out how to add a new user,
but I haven't managed to figure it out so the new user will have access to only a specific database without being able to see the whole server / users / databases.
Any help will be apperciated
thank you!
To add a new user who have access to only 1 database, you need to create a new login and add a user mapping to that login for the database you want,
to do this, open MSSQL Management Studio, on the left panel, expand your server by click on the checkbox and select security then Logins.
Then, right click on the logins box and select new login.
On the new login window, provide login name(user name) and authentication type, then there's select page tab on the left side, then select user mapping and add the database you want to that user, also remember to add object to default schema of that database.
USE Databasename ;
CREATE USER username WITH PASSWORD='passwd';
GRANT ALL ON Databasename TO username;
If you are on SQL Server 2012 and higher, Contained Databases is what you are looking for.
Making a database contained, you give it the ability to authenticate a user (not login), and the users of contained database will see nothing at the server level, no other databases will be visible to them.
when I deploy adventure works cube it fails, and i get: user does not have permission to create a new object in 'GARY-PC', or the object does not exist.
trying to process cube from adventureworks DW and having what seem like permissions issues (?).
took following steps (i am using sql server 2008 R2 developer edition and VS 2008):
1 downloaded and successfully created adventureworksDW (2008R2) database from
2 successfully created Datasource and DSV for a cube with 2 fact tables and several dimensions.
3 Click deploy
I see the following 2 prompts
Login: greyed out, can’t type anything here
the password is required for the impersonation account of data source Adventure Works DW.
Now, Whether I enter a password or not, I get:
Error 3 Either the 'Gary-PC\Gary' user does not have permission to create a new object in 'GARY-PC', or the object does not exist. 0 0
what objects is SSAS trying to create? are these objects in the relational database?
You have to add your user account as an administrator in the Analysis Services portion of the SQL server.
For some reason the database and the analysis services portion of the server do not share login information. The user you run Visual Studio under needs to have administrative access to the Analysis Services engine; this is the reason running as administrator works. The account you use to access the Database Engine is arbitrary.
Right-click on the SQL Server Management Studio icon and then select "Run as Administrator"
Select "Analysis Services" from the "Server type:" drop-down list in the "Connect to Server" dialog box, then click connect.
Right-click on the localhost definition in the Object Explorer panel and select Properties.
Click on Security in the left panel of the Analysis Server Properties.
Click the Add... button and type your user name and click the Check Names button to make sure you typed it right. Then click OK.
Click OK.
Note: This may not the most secure solution, but it enables not running Visual Studio as administrator every time and possibly opening up yourself to attack.
The Error message is:
"domain\user does not have permission to alter object 'mf20'..................."
I gone through the work around and found the solution as below:
Open Services, go to Analysis services--->right click on it -->
Properties-->LogOn --> select This Account -->give server and your
user name here. confirm it is your user, click ok.
Stop the service and again start the service. check the service Log On As in your user name.
That's it. save your cube in BIDS and close and reopen the cube, then deploy the cube. it will deploy and process it.
I hope this will help.
I had the same exact issue, but I was using the Adventure Works DW 2012. The problem is not on the database end but how your trying to deploy. When you run BIDS (or SQL Data Tools 2012 or Visual Studio 2010) use the "Run as Administrator" menu option. It will then ask you to authenticate, but the authentication should be accepted.
The user account you're using to deploy the SSAS database must have appropriate access to the SSAS instance in order to create the database and objects inside. Since this is a dev-setup, you could try adding your user account to the Server Admins.
In SSMS, log into the SSAS instance and right click on it (in the object explorer) and select properties. The last option in the left-pane is security and here is where you can add admin users.
are you talking about the " impersonation information" tab when you double click on the data source ? You should set it to "use service account"
In BIDS Solution Explorer → select the (in my case xx=08) Data Source and double-click on it. From the Data Source Designer screen click on the “Impersonation Information” tab, and enter the username and password of the user who has access for that remote data base or data source, and click OK.
I retrieve data from SQL Server database to excel file.
When I define connection properties, I choose that I want store password.
Meanwhile, I create a new login (and grant only access to read only data from specified database).
Unfortunately I am unable to find any option in Excel to remove this stored password.
In files which defining connections (.odc extension), I found information about login, but nothing about password.
How i can do it?
Maybe obvious, but did you try to unckeck the Save password checkbox in the connection properties window and reconnect to the database?
See http://office.microsoft.com/en-us/excel-help/connect-to-import-sql-server-data-HA010217956.aspx