Post reply

Multiple Logins with the same SID?

  • September 16, 2013 at 1:59 pm

    #298782

    So I am helping a customer out with some weird problems that they are having with Users and Logins and I dump the sys.server_principals and I notice something really strange. There are at least two instances of a WINDOWS_GROUP and WINDOWS_LOGIN entry that have the exact same SID. :blink:

    Is this supposed to be possible? Or I am right that that is seriously wrong and needs to be fixed. And if so, can someone suggest what the best way would be to fix it?

  • September 16, 2013 at 2:03 pm

    #1650599

    Sorry, this is really me (dang browser cached an old obsolete account I had from 12 years ago...)

    [font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
    Proactive Performance Solutions, Inc.     [/font]    [font="Verdana"] "Performance is our middle name."[/font]

  • September 16, 2013 at 3:01 pm

    #1650616

    Not that I know, but could it be that the account was renamed in Windows and the added to SQL Server under the new name, and the old name was retained?

    [font="Times New Roman"]Erland Sommarskog, SQL Server MVP, www.sommarskog.se[/font]

  • September 16, 2013 at 3:16 pm

    #1650622

    ...There are at least two instances of a WINDOWS_GROUP and WINDOWS_LOGIN entry that have the exact same SID. :blink:

    This should not be.

    Also adding the same user with renamed Windows-Level Login-Name is not possible, since the same SID will be recognized. I would not know how to prevent that check. But theoretically by editing the system tables directly or some other fancy method it might have "happened".

    Check the Logins at Windows Level.. to which Login they are pointing.. I mean there can only be one after all.. even more on windows level.

    Andreas

    ---------------------------------------------------
    MVP SQL Server
    Microsoft Certified Master SQL Server 2008
    Microsoft Certified Solutions Master Data Platform, SQL Server 2012
    www.insidesql.org/blogs/andreaswolter
    www.andreas-wolter.com

  • September 16, 2013 at 3:22 pm

    #1650626

    Yep, my bad. The SIDs were not in fact the same, they differed by a single letter somewhere around character 38.

    Sorry, and thanks for the responses.

    [font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
    Proactive Performance Solutions, Inc.     [/font]    [font="Verdana"] "Performance is our middle name."[/font]

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply