Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase «««1234»»

Connection Problems Expand / Collapse
Author
Message
Posted Monday, February 07, 2011 6:53 AM
SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Tuesday, April 08, 2014 9:42 PM
Points: 1,786, Visits: 1,100
Good Question. These type of questions will help all of us bursh up our knowledge every day. Thank you again!!!
Post #1059511
Posted Monday, February 07, 2011 7:24 AM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Friday, October 04, 2013 12:06 PM
Points: 989, Visits: 1,804
I knew exactly what the problem was and could not find sp_change_users_login, so I read the answers to decide which tried to do the same thing and got it correct. To me the value of the question is to educate that the old way we did it is going away.

And as for making the SID identical, well, yeah, this would be the IDEAL way to do it but in the real world, you won't always be administering servers you yourself set up if you get my drift. Always need to know your options.
Post #1059532
Posted Monday, February 07, 2011 8:44 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Wednesday, December 04, 2013 1:32 PM
Points: 335, Visits: 392
Such a bummer to me that the sp_change_users_login option is going to be phased out without a "decent" alternative - consider the scenario that exists in my environment where there lots of sql server logins, and (esp. in dev), you don't document the passwords for them, which makes the ALTER USER solution difficult to pull off. Plus, using sp_change_users_login 'Report' lets you see specifically which users are orphaned before you dive into trying to fix them.
Post #1059599
Posted Monday, February 07, 2011 8:47 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Thursday, April 10, 2014 8:19 AM
Points: 7,002, Visits: 6,181
I have to agree. I like being able to cursor through the proc, having all the orphaned users fixed automatically without any typing. I just open up my saved cursor, execute it, and everything gets fixed.

Brandie Tarvin, MCITP Database Administrator

Webpage: http://www.BrandieTarvin.net
LiveJournal Blog: http://brandietarvin.livejournal.com/
On LinkedIn!, Google+, and Twitter.

Freelance Writer: Shadowrun
Latchkeys: Nevermore, Latchkeys: The Bootleg War, and Latchkeys: Roscoes in the Night are now available on Nook and Kindle.
Post #1059603
Posted Monday, February 07, 2011 8:48 AM
SSChasing Mays

SSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing Mays

Group: General Forum Members
Last Login: Monday, November 04, 2013 4:02 PM
Points: 659, Visits: 474
Nice question.. And thats exactly a perfect example before reading about Contained Databases in sql server "Denali".
Post #1059606
Posted Monday, February 07, 2011 8:58 AM
Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Thursday, April 03, 2014 10:34 AM
Points: 3,352, Visits: 1,478
getoffmyfoot (2/7/2011)
Such a bummer to me that the sp_change_users_login option is going to be phased out without a "decent" alternative - consider the scenario that exists in my environment where there lots of sql server logins, and (esp. in dev), you don't document the passwords for them, which makes the ALTER USER solution difficult to pull off. Plus, using sp_change_users_login 'Report' lets you see specifically which users are orphaned before you dive into trying to fix them.


You don't need the password of the login in order to use ALTER USER. But I agree the report option is pretty handy. Without that you'd need to run the actual SQL statement that sp_change_users_login uses:

select UserName = name, UserSID = sid from sysusers
where issqluser = 1
and (sid is not null and sid <> 0x0)
and (len(sid) <= 16)
and suser_sname(sid) is null
order by name

Post #1059621
Posted Monday, February 07, 2011 9:01 AM
Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Yesterday @ 1:36 AM
Points: 1,049, Visits: 861
Ah, not the missing option of 'wtf are you using sql logins in production for anyway?'

What with them being inherently, disgracefully insecure.

For anyone that hasn't I strongly recommend using your favourite packet sniffer (wireshark for instance) to trace the local network while you log in with a sql login. Filter it for login packets... and watch in wonder as your password flies across the network in plain text! <_<




Post #1059626
Posted Monday, February 07, 2011 9:04 AM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Friday, October 04, 2013 12:06 PM
Points: 989, Visits: 1,804
RichB (2/7/2011)
Ah, not the missing option of 'wtf are you using sql logins in production for anyway?'

What with them being inherently, disgracefully insecure.

For anyone that hasn't I strongly recommend using your favourite packet sniffer (wireshark for instance) to trace the local network while you log in with a sql login. Filter it for login packets... and watch in wonder as your password flies across the network in plain text! <_<



As long as we have vendor apps, or we have people connecting from non-Windows sources, they will be a necessary evil....
Post #1059633
Posted Monday, February 07, 2011 9:35 AM
Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Thursday, January 31, 2013 8:01 AM
Points: 1,232, Visits: 1,046
Nice question even if it was long winded. IMHO: Two points is a lot for a question that should be asked and answered correctly at any DBA interview.

This was the first DBA incident I ever had to resolve professionaly. I even got a contract once because the DR plan for a fortune 500 company did not include fixing SQL logins once databases had been restored from Tape to a new server on new hardware in a new domain. FUN!
Post #1059683
Posted Monday, February 07, 2011 11:08 AM
SSChasing Mays

SSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing Mays

Group: General Forum Members
Last Login: Tuesday, March 04, 2014 7:41 PM
Points: 634, Visits: 399
Ronald H (2/7/2011)
Exactly a scenario that happens in our environments. Thanks for the question!

Ditto x 2 .

Re the question's phrasing and its choices: since its "you" can successfully connect to Dev using "MyUser", wouldn't the two choices which submit a <NewPassword> make no sense? I answered the question correctly, but I'm just wondering if the right answer could be chosen merely based on that type of analysis of the question. Thanks.
Post #1059780
« Prev Topic | Next Topic »

Add to briefcase «««1234»»

Permissions Expand / Collapse