LOGON TRIGGER HELP

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 2005 » SQL Server 2005 Security » LOGON TRIGGER HELP

LOGON TRIGGER HELP

Rate Topic

Display Mode

Topic Options

Author

Message

jarrants

Posted Friday, April 24, 2009 10:12 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, May 17, 2013 8:52 AM
Points: 100, Visits: 104

Here is the LOGON Trigger that I have in place, whenever I log into the system, I get the error "Logon failed for login 'arrants' due to trigger execution". I'm not doing anything in the trigger other than logging the connection and the application that was used to connect (as you can see in the code below). Any help or ideas that could point me in the right direction on why I keep getting that error message would be appreciated.

Create TRIGGER [DR_AUDIT_LOGON_TRIGGER]
ON ALL SERVER WITH EXECUTE AS 'sa'
FOR LOGON
AS
BEGIN

declare
@xml XML,
@PostTime datetime,
@ServerName varchar(255),
@LoginName varchar(255),
@LoginType varchar(255),
@ClientHost varchar(255),
@app_name varchar(255)

set @xml = EVENTDATA()
set @PostTime = convert(datetime, CONVERT(varchar, @xml.query('data(/EVENT_INSTANCE/PostTime)')))
set @ServerName = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/ServerName)'))
set @LoginName = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/LoginName)'))
set @LoginType = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/LoginType)'))
set @ClientHost = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/ClientHost)'))
set @app_name = app_name()

insert into [ARRANTS].dbo.LOGON_AUDIT
(Server_Name, Login_Name, [Login_Type], Client_Host, Application_Name, Post_Time, Event_XML)
select
@ServerName, @LoginName, @LoginType, @ClientHost, @app_name, @PostTime, @xml

/*
CREATE TABLE [ARRANTS].[dbo].[LOGON_AUDIT](
[Audit_ID] [int] IDENTITY(1,1) NOT NULL,
[Server_Name] [varchar](255) NOT NULL,
[Login_Name] [varchar](255) NOT NULL,
[Login_Type] [varchar](255) NOT NULL,
[Client_Host] [varchar](255) NOT NULL,
[Application_Name] [varchar](255) NOT NULL,
[Post_Time] [datetime] NOT NULL DEFAULT (getdate()),
[Event_XML] [xml] NOT NULL
)

*/

END

Thanks,

Jeff

Post #704116

GilaMonster

Posted Friday, April 24, 2009 10:28 AM

SSC-Dedicated

Group: General Forum Members
Last Login: Today @ 11:45 AM
Points: 37,744, Visits: 30,023

Check the SQL error log. Any errors or prints from a logon trigger go in there.

I would suggest wrapping the code in a TRY.. CATCH block and have the catch print out the error message.

Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #704123

jarrants

Posted Friday, April 24, 2009 11:38 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, May 17, 2013 8:52 AM
Points: 100, Visits: 104

Thanks Gail, that pointed me in the right direction. Here is the result...

Error message in SQL Error Log:
SELECT failed because the following SET options have incorrect settings: 'ANSI_NULLS, QUOTED_IDENTIFIER'. Verify that SET options are correct for use with indexed views and/or indexes on computed columns and/or query notifications and/or xml data type methods.

The problem was when I created the log table I didn't use the SET ANSI_NULLS ON, SET QUOTED_IDENTIFIER ON options, even though I had tried including the options in the trigger itself.

----------------------------------------------------------------------------
----------------------------------------------------------------------------

SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON

drop table [ARRANTS].[dbo].[LOGON_AUDIT]

CREATE TABLE [ARRANTS].[dbo].[LOGON_AUDIT](
[Audit_ID] [int] IDENTITY(1,1) NOT NULL,
[Server_Name] [varchar](255) NULL,
[Login_Name] [varchar](255) NULL,
[Login_Type] [varchar](255) NULL,
[Client_Host] [varchar](255) NULL,
[Application_Name] [varchar](255) NULL,
[Post_Time] [datetime] NULL DEFAULT (getdate()),
[Event_XML] [xml] NULL
)

select * from [ARRANTS].[dbo].[LOGON_AUDIT]

----------------------------------------------------------------------------
----------------------------------------------------------------------------

Create TRIGGER [DR_AUDIT_LOGON_TRIGGER]
ON ALL SERVER WITH EXECUTE AS 'sa'
FOR LOGON
AS
BEGIN

SET NOCOUNT ON
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON

declare
@xml XML,
@PostTime datetime,
@ServerName varchar(255),
@LoginName varchar(255),
@LoginType varchar(255),
@ClientHost varchar(255),
@app_name varchar(255)

begin try

set @xml = EVENTDATA()
set @PostTime = convert(datetime, CONVERT(varchar, @xml.query('data(/EVENT_INSTANCE/PostTime)')))
set @ServerName = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/ServerName)'))
set @LoginName = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/LoginName)'))
set @LoginType = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/LoginType)'))
set @ClientHost = CONVERT(varchar(255), @xml.query('data(/EVENT_INSTANCE/ClientHost)'))
set @app_name = app_name()

insert into [ARRANTS].dbo.LOGON_AUDIT
(Server_Name, Login_Name, [Login_Type], Client_Host, Application_Name, Post_Time, Event_XML)
select
@ServerName, @LoginName, @LoginType, @ClientHost, @app_name, @PostTime, @xml

end try

begin catch

print 'Error Message: ' + ERROR_MESSAGE()

end catch

END

Post #704180

GilaMonster

Posted Friday, April 24, 2009 11:47 AM

SSC-Dedicated

Group: General Forum Members
Last Login: Today @ 11:45 AM
Points: 37,744, Visits: 30,023

Is it all sorted out now?

Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #704192

jarrants

Posted Friday, April 24, 2009 1:53 PM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, May 17, 2013 8:52 AM
Points: 100, Visits: 104

Yes, again thank you for the push in the right direction.

Post #704285

koray_cosar2

Posted Friday, September 14, 2012 12:45 AM

Forum Newbie

Group: General Forum Members
Last Login: Wednesday, October 03, 2012 2:10 AM
Points: 2, Visits: 49

Dear All;

I am trying to use same script on my project. is there any connection limitation for logon trigger? Because some users (for example after 10-15 minutes)
they are getting error screen like 'connection problem' from their application screens. if so, how can i increase the connection limits?

thanks in advance
best regards,

Kori...

Post #1359064

koray_cosar2

Posted Friday, September 14, 2012 12:48 AM

Forum Newbie

Group: General Forum Members
Last Login: Wednesday, October 03, 2012 2:10 AM
Points: 2, Visits: 49

i forget the script. My script was like this:

Create TRIGGER [LOGON_TRIGGER]
ON ALL SERVER WITH EXECUTE AS 'sa'
FOR LOGON
AS
BEGIN

SET NOCOUNT ON
SET ANSI_NULLS ON
SET QUOTED_IDENTIFIER ON

IF ORIGINAL_LOGIN()= 'odbc' AND
CONNECTIONPROPERTY('client_net_address') not in (select client_net_address from net_address_pool)
rollback
END

Post #1359066

« Prev Topic | Next Topic »

Permissions