Migrate SQL 2000 Logins to SQL 2005
-
What is the best way to migrate SQL 2000 "SQL Logins" to SQL 2005?
Should we script out the Login info first (using the REVLOGIN proc) then run this script on the target SQL 2005 SQL Server?
We are experiencing some weird errors using this apporach involving the schema, owner, etc.. Any detailed approach is appreciated
BT -
I think you need to separate the issues of transferring SQL logins from the issues of database users.
If you send me your email address, I will send you our proc for transferring SQL logins.
When you grant use of a database to a login, SQL2005 will create a Schema object with the same name as the database login, and this becomes the default schema for that user.
You can then change the default schema for the user (e.g. to DBO), and if required delete the superfluous Schema object. Unfortunately it is not possible with SSMS to grant database access to a user and specify a specific schema name that user should use.
Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.
When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara
-
Ed - much appreciated.. you can eMail the script at "webmaster @ skippackridge.com" (I seperated my eMail address here to avoid spam!! Please parse back together)
thx in advance
BT -
Microsoft's sp_help_revlogin will work. The KB article says how to move logins from 2000 to 2005.
-SQLBill
-
I successfully used REVLOGIN to generate the LOGINS script (from the source) and apllied to the target. Our issue resides with the fact that each SQL Login on our new, target SQL 2005 server has a schema w/ the owner = to the schema name - not dbo (eg. Schema Name=Order_Reader --- Schema Owner=Order_Reader)
We have to manually edit both the "Database Schema Names" (1 at a time) and the SQL LOGINS (1 at a time) and on the properties for each, change the Schema Owner to "dbo".
In search of a faster way to accomplish this for all our servers being migrated to SQL 2005...
thx
BT -
Once you have got your Logins known to SQL, you can detach your user databases from SQL 2000 and attach to SQL 2005 (or restore a backup to SQL 2005) and all the access will work as before. This just leaves the system databases needing special handling.
Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005.
When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara
- As said by SQLBILL about Microsoft's sp_help_revlogin and the KB. It has helped us. We were able to script out the SQL logins only but we had to manually create the windows logins . But latter I thought of trying the following option :->
ALL Tasks ---> Generate SQL Scripts (Options Tab) ---> Script SQL Server logins (Windows NT and SQL Server logins)
Try this and do let us know if this helped.
Minaz Amin
"More Green More Oxygen !! Plant a tree today"
-
Quote: We have to manually edit both the "Database Schema Names" (1 at a time) and the SQL LOGINS (1 at a time) and on the properties for each, change the Schema Owner to "dbo".
I used this script to script out Drop Schema statements Alter Schema statemenst to change all default schemas in a database to "dbo".
set nocount on
select
'use '+DB_NAME() AS [Current Database]
select
'drop schema ['+ name+']' from sys.schemas where schema_id between 5 and 16000
select
'alter user ['+name+'] with default_schema = dbo'
from sys.sysusers
where status > 4
set nocount off
Greg
Greg
-
The is a kb article that MS has given to script logins from 200 to 2005. It has a procedure that scripts the logins and using that script the can be created in 2005 server.
Cheers,
Sugeshkumar Rajendran
SQL Server MVP
http://sugeshkr.blogspot.com -
hi refer ,
http://support.microsoft.com/kb/246133/ ---this is wat sugesh was mentioning
[font="Verdana"]- Deepak[/font]
-
you can also modify sp_rev_logins to generate the "DEFAULT_SCHEMA" automatically to "dbo".
It will save you a "ton" of work
* Noel -
Oh and sp_rev_logins does *NOT* check for windows_policy so if you have a password that won't pass your windows policy the script will fail unless you configure the output to disable the check_policy option.
Just another thing to keep in mind
* Noel -
This script will cycle thru each 2005 DB and "auto-fix" each database User's SID to match their SQL Server level SQL Login.
DECLARE @SQL nVarchar (100), @DB VarChar (50), @SQL1 nVarchar (100), @user-id Varchar (50)
DECLARE DBs CURSOR FOR SELECT [name] FROM sys.databases WHERE Database_id > 4
OPEN DBs
FETCH NEXT FROM DBs INTO @DB
WHILE @@FETCH_status=0
BEGIN
SET @SQL = 'Use '+ @DB
EXEC sp_EXECuteSQL @SQL
DECLARE FLogins CURSOR FOR SELECT [name] FROM sys.server_principals WHERE Type = 'S'
OPEN Flogins
FETCH NEXT FROM Flogins INTO @user-id
WHILE @@FETCH_status=0
BEGIN
SET @SQL1 = 'sp_change_users_login '+ '''Auto_Fix''' + ', '+ @user-id
EXEC sp_EXECuteSQL @SQL1
FETCH NEXT FROM Flogins INTO @user-id
END
CLOSE Flogins
DEALLOCATE FLogins
FETCH NEXT FROM DBs INTO @DB
END
CLOSE DBs
DEALLOCATE DBs
BT -
Thanks for login orphans i had one for sql 2000 was looking for one with 2005
-
Hi,
I just want to add to this topic. I'm sorry for a very delayed reply. I was browsing through and i found this forum discussion on SQL logins migration.
The DTS or SSIS Login migration utilities are helpful, but more often than not, the mapping is unsuccessful. This results in a lot of orphan users getting created. I tried the DTS and SSIS packages, but received terrible feedback with people stating that they were still unable to login. I then discovered the mis-map. The following is the script that will create a stored procedure called 'sp_hexadecimal' and 'sp_help_revlogin_2000_to_2005' under the stored procedures section of the source instance. The final portion of the script automatically gets executed with the instruction "exec sp_help_revlogin_2000_to_2005 @login_name=NULL, @include_db=1, @include_role=1'.
Please make sure that you run this script in the "Query Analyzer". Once done, a login creation script is generated in the Results window. Copy the results and paste the script in the destination SQL 2005 instance.
Note: If this script is executed twice in the destination SQL 2005 instance, it will display that the "SID is in use". There are some logins that already exist on the destination instance. Those will not be created and will display an error that the login already exists.
Please let me know if the above information helped.
The script is as follows:
USE master
GO
IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
DROP PROCEDURE sp_hexadecimal
GO
CREATE PROCEDURE sp_hexadecimal
@binvalue varbinary(256),
@hexvalue varchar(256) OUTPUT
AS
DECLARE @charvalue varchar(256)
DECLARE @i int
DECLARE @length int
DECLARE @hexstring char(16)
SELECT @charvalue = '0x'
SELECT @i = 1
SELECT @length = DATALENGTH (@binvalue)
SELECT @hexstring = '0123456789ABCDEF'
WHILE (@i <= @length)
BEGIN
DECLARE @tempint int
DECLARE @firstint int
DECLARE @secondint int
SELECT @tempint = CONVERT(int, SUBSTRING(@binvalue,@i,1))
SELECT @firstint = FLOOR(@tempint/16)
SELECT @secondint = @tempint - (@firstint*16)
SELECT @charvalue = @charvalue +
SUBSTRING(@hexstring, @firstint+1, 1) +
SUBSTRING(@hexstring, @secondint+1, 1)
SELECT @i = @i + 1
END
SELECT @hexvalue = @charvalue
GO
IF OBJECT_ID ('sp_help_revlogin_2000_to_2005') IS NOT NULL
DROP PROCEDURE sp_help_revlogin_2000_to_2005
GO
CREATE PROCEDURE sp_help_revlogin_2000_to_2005
@login_name sysname = NULL,
@include_db bit = 0,
@include_role bit = 0
AS
DECLARE @name sysname
DECLARE @xstatus int
DECLARE @binpwd varbinary (256)
DECLARE @dfltdb varchar (256)
DECLARE @txtpwd sysname
DECLARE @tmpstr varchar (256)
DECLARE @SID_varbinary varbinary(85)
DECLARE @SID_string varchar(256)
IF (@login_name IS NULL)
DECLARE login_curs CURSOR STATIC FOR
SELECT sid, [name], xstatus, password, isnull(db_name(dbid), 'master')
FROM master.dbo.sysxlogins
WHERE srvid IS NULL AND
[name] <> 'sa'
ELSE
DECLARE login_curs CURSOR FOR
SELECT sid, [name], xstatus, password, isnull(db_name(dbid), 'master')
FROM master.dbo.sysxlogins
WHERE srvid IS NULL AND
[name] = @login_name
OPEN login_curs
FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
IF (@@fetch_status = -1)
BEGIN
PRINT 'No login(s) found.'
CLOSE login_curs
DEALLOCATE login_curs
RETURN -1
END
SET @tmpstr = '/* sp_help_revlogin script '
PRINT @tmpstr
SET @tmpstr = '** Generated '
+ CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
PRINT @tmpstr
PRINT ''
PRINT ''
PRINT ''
PRINT '/***** CREATE LOGINS *****/'
WHILE @@fetch_status = 0
BEGIN
PRINT ''
SET @tmpstr = '-- Login: ' + @name
PRINT @tmpstr
IF (@xstatus & 4) = 4
BEGIN -- NT authenticated account/group
IF (@xstatus & 1) = 1
BEGIN -- NT login is denied access
SET @tmpstr = '' --'EXEC master..sp_denylogin ''' + @name + ''''
PRINT @tmpstr
END
ELSE
BEGIN -- NT login has access
SET @tmpstr = 'IF NOT EXISTS (SELECT * FROM sys.server_principals WHERE [name] = ''' + @name + ''')'
PRINT @tmpstr
SET @tmpstr = CHAR(9) + 'CREATE LOGIN [' + @name + '] FROM WINDOWS'
PRINT @tmpstr
END
END
ELSE
BEGIN -- SQL Server authentication
EXEC sp_hexadecimal @SID_varbinary, @SID_string OUT
IF (@binpwd IS NOT NULL)
BEGIN -- Non-null password
EXEC sp_hexadecimal @binpwd, @txtpwd OUT
SET @tmpstr = 'CREATE LOGIN [' + @name + '] WITH PASSWORD=' + @txtpwd + ' HASHED'
END
ELSE
BEGIN -- Null password
SET @tmpstr = 'CREATE LOGIN [' + @name + '] WITH PASSWORD='''''
END
SET @tmpstr = @tmpstr + ', CHECK_POLICY=OFF, SID=' + @SID_string
PRINT @tmpstr
END
FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
END
IF @include_db = 1
BEGIN
PRINT ''
PRINT ''
PRINT ''
PRINT '/***** SET DEFAULT DATABASES *****/'
FETCH FIRST FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
WHILE @@fetch_status = 0
BEGIN
PRINT ''
SET @tmpstr = '-- Login: ' + @name
PRINT @tmpstr
SET @tmpstr = 'ALTER LOGIN [' + @name + '] WITH DEFAULT_DATABASE=[' + @dfltdb + ']'
PRINT @tmpstr
FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
END
END
IF @include_role = 1
BEGIN
PRINT ''
PRINT ''
PRINT ''
PRINT '/***** SET SERVER ROLES *****/'
FETCH FIRST FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
WHILE @@fetch_status = 0
BEGIN
PRINT ''
SET @tmpstr = '-- Login: ' + @name
PRINT @tmpstr
IF @xstatus &16 = 16 -- sysadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''sysadmin'''
PRINT @tmpstr
END
IF @xstatus &32 = 32 -- securityadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''securityadmin'''
PRINT @tmpstr
END
IF @xstatus &64 = 64 -- serveradmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''serveradmin'''
PRINT @tmpstr
END
IF @xstatus &128 = 128 -- setupadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''setupadmin'''
PRINT @tmpstr
END
IF @xstatus &256 = 256 --processadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''processadmin'''
PRINT @tmpstr
END
IF @xstatus &512 = 512 -- diskadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''diskadmin'''
PRINT @tmpstr
END
IF @xstatus &1024 = 1024 -- dbcreator
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''dbcreator'''
PRINT @tmpstr
END
IF @xstatus &4096 = 4096 -- bulkadmin
BEGIN
SET @tmpstr = 'exec master.dbo.sp_addsrvrolemember @loginame=''' + @name + ''', @rolename=''bulkadmin'''
PRINT @tmpstr
END
FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd, @dfltdb
END
END
CLOSE login_curs
DEALLOCATE login_curs
RETURN 0
GO
exec sp_help_revlogin_2000_to_2005 @login_name=NULL, @include_db=1, @include_role=1
GO
Viewing 15 posts - 1 through 15 (of 34 total)
You must be logged in to reply to this topic. Login to reply